CVE-2002-2309

Php - Resource Management Error

Title source: rule

Description

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Matthew Murphy · cdosunix

https://www.exploit-db.com/exploits/21632

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/283586

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000605.html

[Third Party Advisory] http://www.iss.net/security_center/static/9646.php

[Exploit] http://www.securityfocus.com/bid/5280

Scores

EPSS 0.0642

EPSS Percentile 91.1%

Details

CWE

CWE-399

Status published

Products (32)

php/php 3.0.1

php/php 3.0.2

php/php 3.0.3

php/php 3.0.4

php/php 3.0.5

php/php 3.0.6

php/php 3.0.7

php/php 3.0.8

php/php 3.0.9

php/php 3.0.10

... and 22 more

Published Dec 31, 2002

Tracked Since Feb 18, 2026