CVE-2007-1453
PHP 5.2.0 - Buffer Underflow in PHP_FILTER_TRIM_DEFAULT Macro
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-1453. PoCs published by Stefan Esser.
AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in PHP's ext/filter component, allowing arbitrary code execution via a crafted input to the filter_var function. The PoC includes shellcode for a reverse shell on PPC MacOSX and demonstrates memory manipulation to achieve RCE.
Description
Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer.