Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0594

Опубликовано: 27 июл. 2004
Источник: nvd
CVSS2: 5.1
EPSS Высокий

Описание

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:b.11.22:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Версия от 4.0 (включая) до 4.3.7 (исключая)
cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.86915
Высокий

5.1 Medium

CVSS2

Дефекты

CWE-367

Связанные уязвимости

redhat логотип

CVE-2004-0594

redhat
почти 21 год назад

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

debian логотип

CVE-2004-0594

debian
почти 21 год назад

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5 ...

github логотип

GHSA-jm2p-9h9p-vg22

github
около 3 лет назад

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

EPSS

Процентиль: 99%
0.86915
Высокий

5.1 Medium

CVSS2

Дефекты

CWE-367