Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions.
Published: 2007-08-23
Base Score: 6.8
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Severity: Medium