Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Windows XAMPP 'adodb.php' ADONewConnection Connect函数远程缓冲区溢出漏洞
Vulnerability Description
Windows XAMPP的adodb.php文件中的ADONewConnection Connect函数为数据库服务器主机名使用不可信的输入,存在缓冲区溢出漏洞。远程攻击者可以借助一个超长的主机参数,触发库缓冲区溢出和执行任意代码或造成其他未明影响。
CVSS Information
N/A
Vulnerability Type
N/A