1. CVE-Search
  2. CVE-2004-1018
ID CVE-2004-1018
Summary Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
References
Vulnerable Configurations
  • cpe:2.3:a:php:php:-:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:-:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.10:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.11:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:0.91:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:0.91:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3:beta3:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3:beta3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3:beta6:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3:beta6:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:alpha2:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.1:rc:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.1:rc:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc5:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc5:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.4:rc6:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.4:rc6:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc5:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc5:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc6:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc6:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc7:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc7:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.5:rc8:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.5:rc8:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.6:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.6:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.7:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.7:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.1:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.1:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:alpha2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:alpha3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:dev:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:dev:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:pre1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:pre1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:pre2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:pre2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.2:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.2:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.3:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.3:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.4:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.4:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.4:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.4:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.4:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.4:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.5:rc4:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.5:rc4:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.6:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.6:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.6:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.6:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.6:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.6:rc3:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.7:-:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.7:-:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.9:rc1:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.9:rc1:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.9:rc2:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.9:rc2:*:*:*:*:*:*
  • cpe:2.3:a:php:php:4.3.9:rc3:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.3.9:rc3:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-12-2020 - 18:49)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:10:12.307-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
family unix
id oval:org.mitre.oval:def:10949
status accepted
submitted 2010-07-09T03:56:16-04:00
title . NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
version 30
redhat via4
advisories
  • rhsa
    id RHSA-2005:032
  • rhsa
    id RHSA-2005:816
rpms
  • php-0:4.3.2-19.ent
  • php-debuginfo-0:4.3.2-19.ent
  • php-devel-0:4.3.2-19.ent
  • php-imap-0:4.3.2-19.ent
  • php-ldap-0:4.3.2-19.ent
  • php-mysql-0:4.3.2-19.ent
  • php-odbc-0:4.3.2-19.ent
  • php-pgsql-0:4.3.2-19.ent
  • php-0:4.3.9-3.2
  • php-debuginfo-0:4.3.9-3.2
  • php-devel-0:4.3.9-3.2
  • php-domxml-0:4.3.9-3.2
  • php-gd-0:4.3.9-3.2
  • php-imap-0:4.3.9-3.2
  • php-ldap-0:4.3.9-3.2
  • php-mbstring-0:4.3.9-3.2
  • php-mysql-0:4.3.9-3.2
  • php-ncurses-0:4.3.9-3.2
  • php-odbc-0:4.3.9-3.2
  • php-pear-0:4.3.9-3.2
  • php-pgsql-0:4.3.9-3.2
  • php-snmp-0:4.3.9-3.2
  • php-xmlrpc-0:4.3.9-3.2
refmap via4
bid 12045
bugtraq
  • 20041215 Advisory 01/2004: Multiple vulnerabilities in PHP 4/5
  • 20041219 PHP shmop.c module permits write of arbitrary memory.
confirm http://www.php.net/release_4_3_10.php
fedora FLSA:2344
hp HPSBMA01212
mandrake
  • MDKSA-2004:151
  • MDKSA-2005:072
misc http://www.hardened-php.net/advisories/012004.txt
osvdb 12411
ubuntu USN-99-1
xf php-shmopwrite-outofbounds-memory(18515)
Last major update 08-12-2020 - 18:49
Published 10-01-2005 - 05:00
Last modified 08-12-2020 - 18:49
Back to Top