CVE-2003-0166
published 2003-04-02CVE-2003-0166: Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly…
PriorityP432high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
14.12%
96.1th percentile
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PHP 4.x - 'socket_recv()' Signed Integer Memory Corruption
exploitdb·2003-03-26
CVE-2003-0166 PHP 4.x - 'socket_recv()' Signed Integer Memory Corruption
PHP 4.x - 'socket_recv()' Signed Integer Memory Corruption
---
source: https://www.securityfocus.com/bid/7197/info
A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_recv() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument values, making it prone to an integer overflow.
This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.
It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.
Exploit-DB
PHP 4.x - 'socket_recvfrom()' Signed Integer Memory Corruption
exploitdb·2003-03-26
CVE-2003-0166 PHP 4.x - 'socket_recvfrom()' Signed Integer Memory Corruption
PHP 4.x - 'socket_recvfrom()' Signed Integer Memory Corruption
---
source: https://www.securityfocus.com/bid/7198/info
A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_recvfrom() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument values, making it prone to an integer overflow.
This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.
It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.
Exploit-DB
PHP 4.3 - 'socket_iovec_alloc()' Integer Overflow
exploitdb·2003-03-25
CVE-2003-0166 PHP 4.3 - 'socket_iovec_alloc()' Integer Overflow
PHP 4.3 - 'socket_iovec_alloc()' Integer Overflow
---
source: https://www.securityfocus.com/bid/7187/info
A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_iovec_alloc() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument values, making it prone to an integer overflow.
This may make it possible for an attacker to trigger a denial of service. Although it has not been confirmed, it may also be possible to exploit this issue to execute arbitrary code.
It should be noted that socket functionality is only included in PHP if compiled with the "--enable-sockets" option.
No writeups or analysis indexed.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691http://marc.info/?l=bugtraq&m=104869828526885&w=2http://marc.info/?l=bugtraq&m=104878100719467&w=2http://marc.info/?l=bugtraq&m=104931415307111&w=2http://www.securityfocus.com/bid/7197http://www.securityfocus.com/bid/7198http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691http://marc.info/?l=bugtraq&m=104869828526885&w=2http://marc.info/?l=bugtraq&m=104878100719467&w=2http://marc.info/?l=bugtraq&m=104931415307111&w=2http://www.securityfocus.com/bid/7197http://www.securityfocus.com/bid/7198
2003-04-02
Published