Main Vulnerability Database Exploits ID:11493 - Exploit for Integer overflow in PHP - CVE-2010-1866

ID:11493 - Exploit for Integer overflow in PHP - CVE-2010-1866

Published: June 8, 2025

Vulnerability identifier: #VU110307

Vulnerability risk: High

CVE-ID: CVE-2010-1866

CWE-ID: CWE-190

Exploitation vector: Remote access

Vulnerable software:
PHP

Link to public exploit:

https://www.exploit-db.com/exploits/33920/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.

Remediation

Install update from vendor's website.

ID:11493 - Exploit for Integer overflow in PHP - CVE-2010-1866

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human