CVE-2002-0081 | Vulnerability Database | Aqua Security

Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.

Affected Software

Name	Vendor	Start Version	End Version
Php	Php	3.0 (including)	3.0 (including)
Php	Php	4.0.6 (including)	4.0.6 (including)
Php	Php	4.1.0 (including)	4.1.0 (including)
Php	Php	4.1.1 (including)	4.1.1 (including)

References

http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000468
http://marc.info/?l=bugtraq\u0026m=101484705523351\u0026w=2
http://marc.info/?l=bugtraq\u0026m=101497256024338\u0026w=2
http://marc.info/?l=bugtraq\u0026m=101537076619812\u0026w=2
http://marc.info/?l=ntbugtraq\u0026m=101484975231922\u0026w=2
http://marc.info/?l=vuln-dev\u0026m=101468694824998\u0026w=2
http://online.securityfocus.com/advisories/3911
http://security.e-matters.de/advisories/012002.html
http://www.cert.org/advisories/CA-2002-05.html
http://www.debian.org/security/2002/dsa-115
http://www.iss.net/security_center/static/8281.php
http://www.kb.cert.org/vuls/id/297363
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-017.php
http://www.linuxsecurity.com/advisories/other_advisory-1924.html
http://www.novell.com/linux/security/advisories/2002_007_mod_php4_txt.html
http://www.php.net/downloads.php
http://www.redhat.com/support/errata/RHSA-2002-035.html
http://www.redhat.com/support/errata/RHSA-2002-040.html
http://www.securityfocus.com/bid/4183

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0081
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html