Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.02946
Percentile: 0.8588

CVSS Scoring

Affected Products

• cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*

← Back to Home