PHP is vulnerable to a buffer overflow when the popen() function is enabled. A remote attacker could exploit this vulnerability using unknown attack vectors to overflow a buffer and execute arbitrary code on the system with the privileges of the Web server or cause the application to crash.