Multiple vulnerabilities in PHP

Published: 2008-09-05 | Updated: 2025-06-08

Risk	Medium
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2002-2214 CVE-2002-0985 CVE-2002-0717
CWE-ID	CWE-20 CWE-88
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	PHP Universal components / Libraries / Scripting languages
Vendor	PHP Group

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU110536

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-2214

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.2 - 4.2.1

CPE2.3

External links

https://bugs.php.net/bug.php?id=15595
https://secunia.com/advisories/21202
https://www.redhat.com/support/errata/RHSA-2006-0567.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175040

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Neutralization of Argument Delimiters in a Command

EUVDB-ID: #VU110539

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-0985

CWE-ID: CWE-88 - Argument Injection or Modification

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.2 - 4.2.1

CPE2.3

External links

https://www.redhat.com/support/errata/RHSA-2002-213.html
https://www.debian.org/security/2002/dsa-168
https://www.redhat.com/support/errata/RHSA-2002-214.html
https://www.redhat.com/support/errata/RHSA-2002-243.html
https://www.redhat.com/support/errata/RHSA-2002-244.html
https://www.redhat.com/support/errata/RHSA-2002-248.html
https://www.redhat.com/support/errata/RHSA-2003-159.html
https://www.novell.com/linux/security/advisories/2002_036_modphp4.html
https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
https://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
https://www.osvdb.org/2111
https://marc.info/?l=bugtraq&m=103011916928204&w=2
https://marc.info/?l=bugtraq&m=105760591228031&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU110542

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-0717

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.2 - 4.2.1

CPE2.3

External links

https://marc.info/?l=bugtraq&m=102734515923277&w=2
https://marc.info/?l=bugtraq&m=102734516023281&w=2
https://www.cert.org/advisories/CA-2002-21.html
https://www.iss.net/security_center/static/9635.php
https://www.kb.cert.org/vuls/id/929115

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.