ID:11578 - Exploit for Input validation error in PHP - CVE-2007-1401

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11578 - Exploit for Input validation error in PHP - CVE-2007-1401

ID:11578 - Exploit for Input validation error in PHP - CVE-2007-1401

Published: June 12, 2025


Vulnerability identifier: #VU110445
Vulnerability risk: Low
CVE-ID: CVE-2007-1401
CWE-ID: CWE-20
Exploitation vector: Local access
Vulnerable software:
PHP

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.


Remediation

Install update from vendor's website.