Vulnerability Details : CVE-2006-0097
Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
Vulnerability category: OverflowExecute code
Threat overview for CVE-2006-0097
Top countries where our scanners detected CVE-2006-0097
Top open port discovered on systems with this issue
80
IPs affected by CVE-2006-0097 3,117
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2006-0097!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2006-0097
1.89%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less