Reported February 27, 2002, by e-matters, GmbH.
PHP scripting language, all versions up to 4.2.0
Multiple vulnerabilities exist in the PHP scripting language’s file upload code that can let an attacker remotely compromise a vulnerable server. Several problems exist in the way PHP handles multipart/form-data POST requests. An attacker could use each of these problems to execute arbitrary code on the vulnerable system.
Discovered by Stefan Esser.