CVE-2002-1396
PHP 4.1.2-4.3.0 - Heap-Based Buffer Overflow in wordwrap Function
Title source: llmDescription
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10944
Various Sources vendor-advisory
x_refsource_mandrake
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:019
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6488
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-017.html
Third Party Advisory vendor-advisory
x_refsource_engarde
http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0003.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104102689503192&w=2
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_gentoo
http://www.securityfocus.com/advisories/4862
Patch, Vendor Advisory x_refsource_confirm
http://bugs.php.net/bug.php?id=20927
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2003_009_mod_php4.html
Scores
EPSS
0.0195
EPSS Percentile
83.7%
Details
Status
published
Products (5)
php/php
4.1.2
php/php
4.2.0
php/php
4.2.1
php/php
4.2.2
php/php
4.2.3
Published
Jan 17, 2003
Tracked Since
Feb 18, 2026