Lucene search

[email protected]NVD:CVE-2003-0166

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2003-0166

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.088

Percentile

94.6%

JSON

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

Affected configurations

Nvd

Node

phpphpMatch4.0

phpphpMatch4.0.1

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.4

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691

marc.info/?l=bugtraq&m=104869828526885&w=2

marc.info/?l=bugtraq&m=104878100719467&w=2

marc.info/?l=bugtraq&m=104931415307111&w=2

www.securityfocus.com/bid/7197

www.securityfocus.com/bid/7198

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.088

Percentile

94.6%

JSON

Related for NVD:CVE-2003-0166

nessus1 cvelist1 cve1