CVE-2007-3806

Php - Improper Input Validation

Title source: rule

Description

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · phpdosmultiple

https://www.exploit-db.com/exploits/4181

View Code ZIP pw:eip

References (18)

[Vendor Advisory] http://secunia.com/advisories/26085

[Vendor Advisory] http://secunia.com/advisories/26642

[Vendor Advisory] http://secunia.com/advisories/27102

[Vendor Advisory] http://secunia.com/advisories/30158

[Vendor Advisory] http://secunia.com/advisories/30288

[Vendor Advisory] http://www.php.net/ChangeLog-5.php#5.2.4

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24922

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/2547

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/35437

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml

[Various Sources] http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167

[Various Sources] http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log

[Release Notes] http://www.php.net/releases/5_2_4.php

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25498

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/4181

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1572

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1578

[Third Party Advisory, VDB Entry] http://osvdb.org/36085

Scores

EPSS 0.0521

EPSS Percentile 90.0%

Details

CWE

CWE-20 CWE-399

Status published

Products (1)

php/php 5.2.3

Published Jul 17, 2007

Tracked Since Feb 18, 2026