Main Vulnerability Database Vulnerabilities #VU110401

Buffer overflow in PHP - CVE-2007-1864

Published: May 22, 2019 / Updated: June 8, 2025

Vulnerability identifier: #VU110401

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2007-1864

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: PHP Group

Affected software:
PHP

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

Install update from vendor's website.