Description

The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments.

Remediation

References

CVE-2007-1378

Related Vulnerabilities

Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432)

concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5107)

Grafana Improper Authentication Vulnerability (CVE-2021-39226)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719)

WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.29.1)

Severity

Medium

Classification

CVE-2007-1378

Tags

Missing Update Known Vulnerabilities