Description

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

Remediation

References

CVE-2003-0166

Related Vulnerabilities

SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)

WordPress Plugin Secure HTML5 Video Player Cross-Site Scripting (3.14)

Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) Security Bypass (5.4)

Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153)

Severity

High

Classification

CVE-2003-0166

Tags

Missing Update Known Vulnerabilities