CVE-2007-1401

Php - Buffer Overflow

Title source: rule

Description

Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phplocalwindows

https://www.exploit-db.com/exploits/3431

View Code ZIP pw:eip

References (4)

[Exploit] http://retrogod.altervista.org/php_446_crack_opendict_local_bof.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/462226/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3431

[Third Party Advisory] http://securityreason.com/securityalert/2405

Scores

EPSS 0.0044

EPSS Percentile 63.4%

Details

Status published

Products (1)

php/php 4.4.6

Published Mar 10, 2007

Tracked Since Feb 18, 2026