Published: 27/07/2004 Updated: 15/02/2024

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote malicious users to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openpkg openpkg 2.0
trustix secure linux 2.0
hp hp-ux b.11.23
openpkg openpkg 2.1
hp hp-ux b.11.11
avaya converged communications server 2.0
trustix secure linux 1.5
hp hp-ux b.11.00
trustix secure linux 2.1
debian debian linux 3.0
hp hp-ux b.11.22
php php 5.0.0
php php

Synopsis php security update Type/Severity Security Advisory: Important Topic Updated php packages that fix various security issues are now available Description PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP serverStefan Esser discovered a flaw when memory_l ...

Two vulnerabilities have been discovered in php4 which also apply to the version of php3 in the stable Debian distribution The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2004-0594 The memory_limit functionality allows remote attackers to execute arbitrary code under certain circumstances CAN-2004- ...

Two vulnerabilities were discovered in php4: CAN-2004-0594 The memory_limit functionality in PHP 4x up to 437, and 5x up to 500RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init funct ...

/* Remote exploit for the php memory_limit vulnerability found by Stefan * Esser in php 4 (<= 437) and php 5 (<= 500RC3) * * by Gyan Chawdhary (gunnu45@hotmailcom) * (felinemenaceorg/~gyan) * * Greets * SEsser for the vuln and mlxdebugtgz, everything in the code is based on it * scrippie, gera, riq, jaguar, girish, n2n ...

CWE-367 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html http://www.debian.org/security/2004/dsa-531 http://www.debian.org/security/2005/dsa-669 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068 http://www.redhat.com/support/errata/RHSA-2004-392.html http://www.redhat.com/support/errata/RHSA-2004-395.html http://www.redhat.com/support/errata/RHSA-2004-405.html http://www.novell.com/linux/security/advisories/2004_21_php4.html http://www.trustix.org/errata/2004/0039/http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847 http://www.redhat.com/support/errata/RHSA-2005-816.html http://www.securityfocus.com/bid/10725 http://marc.info/?l=bugtraq&m=109051444105182&w=2 http://marc.info/?l=bugtraq&m=108981780109154&w=2 http://marc.info/?l=bugtraq&m=109181600614477&w=2 http://marc.info/?l=bugtraq&m=108982983426031&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16693 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896 https://access.redhat.com/errata/RHSA-2004:392 https://nvd.nist.gov https://www.exploit-db.com/exploits/660/https://www.debian.org/security/./dsa-669

CVE-2004-0594

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect