← back
CVE-2007-4586

CVE-2007-4586

EPSS 9.4%
Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/4318unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/36262https://www.exploit-db.com/exploits/4318http://www.securityfocus.com/bid/25452