ID:11604 - Exploit for Input validation error in PHP - CVE-2003-0166

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11604 - Exploit for Input validation error in PHP - CVE-2003-0166

ID:11604 - Exploit for Input validation error in PHP - CVE-2003-0166

Published: June 13, 2025


Vulnerability identifier: #VU110530
Vulnerability risk: Medium
CVE-ID: CVE-2003-0166
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
PHP

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.


Remediation

Install update from vendor's website.