CVE-2007-1381

PHP - Buffer Overflow in wddx_deserialize via Malformed STRING Element

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1381. PoCs published by Stefan Esser.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in PHP's wddx_deserialize() function, which can lead to a denial-of-service (DoS) condition. The PoC sends malformed WDDX data to trigger the crash.

Description

The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Stefan Esser · phpdosmultiple
https://www.exploit-db.com/exploits/3404

This exploit demonstrates a buffer overflow vulnerability in PHP's wddx_deserialize() function, which can lead to a denial-of-service (DoS) condition. The PoC sends malformed WDDX data to trigger the crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: PHP (versions affected by CVE-2007-1381)
No auth needed
Prerequisites: PHP with WDDX extension enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32775

Scores

EPSS 0.0907
EPSS Percentile 94.6%

Details

CWE
CWE-119
Status published
Products (1)
php/php 5.0.0
Published Mar 10, 2007
Tracked Since Feb 18, 2026