Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Jun 16, 2026
CVE-2004-1018
CVE-2004-1018
Description
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
15- marc.infonvdIssue TrackingThird Party Advisory
- www.hardened-php.net/advisories/012004.txtnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.php.net/release_4_3_10.phpnvdRelease NotesVendor Advisory
- www.redhat.com/support/errata/RHSA-2005-032.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2005-816.htmlnvdThird Party Advisory
- www.securityfocus.com/advisories/9028nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/384920nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/12045nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/18515nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10949nvdThird Party Advisory
- www.ubuntu.com/usn/usn-99-1/nvdThird Party Advisory
- www.osvdb.org/12411nvdBroken Link
- bugzilla.fedora.us/show_bug.cginvdBroken Link
News mentions
0No linked articles in our index yet.