VYPR
Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Jun 16, 2026

CVE-2004-1018

CVE-2004-1018

Description

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • PHP/PHP2 versions
    cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <4.3.10
    • (no CPE)range: <4.3.10
  • cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.