cve/CVE-2021-21704.md at 8f32eec229df5ac6033987f6cf2822bfcb07c2e0

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.

POC

Reference

https://bugs.php.net/bug.php?id=76449
https://bugs.php.net/bug.php?id=76450

Github

No PoCs found on GitHub currently.

1.1 KiB Raw Blame History

CVE-2021-21704

Description

POC

Reference

Github

1.1 KiB

Raw Blame History