Main Vulnerability Database Exploits ID:11114 - Exploit for Buffer overflow in PHP - CVE-2023-3824

ID:11114 - Exploit for Buffer overflow in PHP - CVE-2023-3824

Published: February 7, 2025

Vulnerability identifier: #VU78978

Vulnerability risk: Critical

CVE-ID: CVE-2023-3824

CWE-ID: CWE-119

Exploitation vector: Remote access

Vulnerable software:
PHP

Link to public exploit:

https://github.com/fr33c0d3/poc-cve-2023-3824

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the phar_dir_read() function. A remote attacker can force the application to open a specially crafted .phar archive, trigger memory corruption and execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

ID:11114 - Exploit for Buffer overflow in PHP - CVE-2023-3824

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human