ID:11485 - Exploit for Input validation error in PHP - CVE-2007-1286

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11485 - Exploit for Input validation error in PHP - CVE-2007-1286

ID:11485 - Exploit for Input validation error in PHP - CVE-2007-1286

Published: June 8, 2025


Vulnerability identifier: #VU110455
Vulnerability risk: Medium
CVE-ID: CVE-2007-1286
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
PHP

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.


Remediation

Install update from vendor's website.