CVE-2003-0166

2003-03-2705:00:00

mitre

www.cve.org

7.9 High

AI Score

Confidence

High

0.11 Low

EPSS

Percentile

95.1%

JSON

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691

marc.info/?l=bugtraq&m=104869828526885&w=2

marc.info/?l=bugtraq&m=104878100719467&w=2

marc.info/?l=bugtraq&m=104931415307111&w=2

www.securityfocus.com/bid/7197

www.securityfocus.com/bid/7198