Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
PHP Other Vulnerability - CVE-2004-1018 - Vulnerability Database
PHP

PHP Other Vulnerability - CVE-2004-1018

Critical
Reference: CVE-2004-1018
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2004-1018
Title: PHP Other Vulnerability
Overview:

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions cause a denial of service or execute arbitrary code via (1) a negative offset value to the shmop_write function (2) an quotinteger overflow/underflowquot in the pack function or (3) an quotinteger overflow/underflowquot in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.