Description
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4) dngettext or (5) ngettext function, or (6) the classname parameter to the stream_wrapper_register function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by laurent gaffie · textdosphp
https://www.exploit-db.com/exploits/30760
References (8)
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26428
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483648/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3365
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38442
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38443
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26426
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483644/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3366
Scores
EPSS
0.0039
EPSS Percentile
60.2%
Details
CWE
CWE-20
Status
published
Products (1)
php/php
< 5.2.4
Published
Nov 20, 2007
Tracked Since
Feb 18, 2026