Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP Mysqlnd扩展php_mysqlnd_read_error_from_line函数缓冲区溢出漏洞
Vulnerability Description
PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP 5.3至5.3.2版本中的Mysqlnd扩展中的php_mysqlnd_read_error_from_line函数不能正确计算出缓冲区长度。攻击者可以借助特制的引起使用负长度值的输入触发基于堆的缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A