CVE-2004-1018

Date: (C)2005-01-10   (M)2023-12-22


Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-12045
OSVDB-12411
http://marc.info/?l=bugtraq&m=110314318531298&w=2
http://www.securityfocus.com/archive/1/384920
FLSA:2344
HPSBMA01212
MDKSA-2004:151
MDKSA-2005:072
RHSA-2005:032
RHSA-2005:816
USN-99-1
http://www.hardened-php.net/advisories/012004.txt
http://www.php.net/release_4_3_10.php
oval:org.mitre.oval:def:10949
php-shmopwrite-outofbounds-memory(18515)

CPE    2
cpe:/o:canonical:ubuntu_linux:4.10
cpe:/a:php:php

© SecPod Technologies