#VU110453 Input validation error in PHP - CVE-2007-1383


Updated: 2025-06-14

Vulnerability identifier: #VU110453

Vulnerability risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2007-1383

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
PHP
Universal components / Libraries / Scripting languages

Vendor: PHP Group

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer overflow in the 16-bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice. This issue is related to CVE-2007-1286.
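The counter wrap described above can be reproduced in a toy model. This is an added example, not PHP source code: the `value16` struct, the helper names and the "destructor" that only counts its calls are assumptions made for illustration. It compares an unchecked 16-bit counter with one that refuses a reference that would wrap.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of a reference-counted value (an assumption; not PHP's own struct). */
typedef struct {
    uint16_t refcount;  /* 16-bit counter, the width named in the advisory */
    int destroy_calls;  /* times the destructor ran; above 1 is a double destroy */
} value16;

/* Unchecked increment: 65535 + 1 silently wraps to 0. */
static void ref_unchecked(value16 *v) { v->refcount++; }

/* Checked increment: refuse a reference that would wrap the counter. */
static int ref_checked(value16 *v) {
    if (v->refcount == UINT16_MAX) return -1;
    v->refcount++;
    return 0;
}

/* Drop one reference; the destructor runs whenever the counter reaches 0. */
static void unref(value16 *v) {
    v->refcount--;
    if (v->refcount == 0) v->destroy_calls++;
}

/* Start with one holder, request `extra` more references, then release
   every holder that was granted one. Returns the destructor call count. */
static int simulate(uint32_t extra, int checked) {
    value16 v = { 1, 0 };
    uint32_t holders = 1;
    for (uint32_t i = 0; i < extra; i++) {
        if (!checked) { ref_unchecked(&v); holders++; }
        else if (ref_checked(&v) == 0) holders++;
    }
    for (uint32_t i = 0; i < holders; i++) unref(&v);
    return v.destroy_calls;
}

int main(void) {
    /* 65536 extra references bring the counter back to 1 with 65537 holders. */
    printf("unchecked: destroyed %d time(s)\n", simulate(65536, 0));
    printf("checked:   destroyed %d time(s)\n", simulate(65536, 1));
    return 0;
}
```

In the unchecked run the first release already drops the counter to 0 while 65536 holders remain, and the last release reaches 0 again, so the destructor runs twice.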

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

PHP: 4.0


External links
https://secunia.com/advisories/24606
https://secunia.com/advisories/25056
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.osvdb.org/32770
https://www.php-security.org/MOPB/MOPB-01-2007.html
https://www.securityfocus.com/bid/22765


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

