CVE-2009-0754

PHP <4.4.4, <5.1.6 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0754. PoCs published by strategma.

AI-analyzed exploit summary: This exploit demonstrates a denial-of-service vulnerability in PHP by leveraging Unicode text operations that crash the webserver due to improper global scope handling. The provided code snippet triggers the issue by processing a Unicode string with specific characters.

Description

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.

Exploits (1)

exploitdb WORKING POC VERIFIED
by strategma · phpdosphp
https://www.exploit-db.com/exploits/32769


Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: PHP (versions affected by CVE-2009-0754)
No auth needed
Prerequisites: A vulnerable PHP installation
devstral-2 · analyzed Feb 16, 2026

References (17)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021979
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035
Exploit, Vendor Advisory x_refsource_confirm
http://bugs.php.net/bug.php?id=27421
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34642
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/01/30/1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/02/25/3
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35007
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/02/03/3
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34830
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2009-0350.html
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35003
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35306
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/761-1/
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1789

Scores

EPSS 0.0095
EPSS Percentile 56.4%

Details

CWE: CWE-134
Status: published
Products (2): php/php 4.4.4, php/php 5.1.6
Published: Mar 03, 2009
Tracked Since: Feb 18, 2026