PHP POST file upload buffer overflow vulnerabilities

  • This alert was generated using only banner information. It may be a false positive.

    PHP does not perform proper bounds checking on in functions related to Form-based File Uploads in HTML (RFC1867). Specifically, this problem occurs in the functions which are used to decode MIME encoded files. As a result, it may be possible to overrun the buffer used for the vulnerable functions to cause arbitrary attacker-supplied instructions to be executed.

    Affected PHP versions (up to 4.1.1).
  • Upgrade PHP to the latest version.