PHP POST file upload buffer overflow vulnerabilities

Description
  • <div class="bb-coolbox"><span class="bb-dark">This alert was generated using only banner information. It may be a false positive. </span></div><br/>PHP does not perform proper bounds checking on in functions related to Form-based File Uploads in HTML (RFC1867). Specifically, this problem occurs in the functions which are used to decode MIME encoded files. As a result, it may be possible to overrun the buffer used for the vulnerable functions to cause arbitrary attacker-supplied instructions to be executed. <br/><br/><span class="bb-navy">Affected PHP versions (up to 4.1.1).</span><br/>
Remediation
  • Upgrade PHP to the latest version.
References
Severity
Classification
Tags