CVE-2007-1584

PHP 5.2.0 - RCE

Title source: llm

Description

Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Stefan Esser · phplocalosx

https://www.exploit-db.com/exploits/3517

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Stefan Esser · phplocalosx

https://www.exploit-db.com/exploits/3460

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://www.php-security.org/MOPB/MOPB-25-2007.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3517

Scores

EPSS 0.0313

EPSS Percentile 86.9%

Details

Status published

Products (1)

php/php 5.2.0

Published Mar 21, 2007

Tracked Since Feb 18, 2026