CVE-2005-1807

PHPMailer < 1.72 - Denial of Service via Long Header Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1807. PoCs published by Mariano Nunez Di Croce.

AI-analyzed exploit summary This is a writeup describing a DoS vulnerability in PHPMailer 1.72 and prior versions. The vulnerability is triggered by sending an email with a malformed header field containing an excessively long string, causing an infinite loop and resource exhaustion.

Description

The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mariano Nunez Di Croce · textdosphp
https://www.exploit-db.com/exploits/25752

This is a writeup describing a DoS vulnerability in PHPMailer 1.72 and prior versions. The vulnerability is triggered by sending an email with a malformed header field containing an excessively long string, causing an infinite loop and resource exhaustion.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: PHPMailer <= 1.72
No auth needed
Prerequisites: Ability to send an email to a target using PHPMailer
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2242
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0448
Exploit, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014069
Exploit, Vendor Advisory x_refsource_misc
http://www.cybsec.com/vuln/PHPMailer-DOS.pdf
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2005/May/0337.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13805
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25726
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15543
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18732

Scores

EPSS 0.0450
EPSS Percentile 90.3%

Details

Status published
Products (1)
phpmailer/phpmailer < 1.72
Published May 28, 2005
Tracked Since Feb 18, 2026