Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-0594

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

Published

2004-07-27T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

4.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-367

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	openpkg	openpkg	2.0	Yes
Application	openpkg	openpkg	2.1	Yes
Hardware	avaya	converged_communications_server	2.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	hp	hp-ux	b.11.00	Yes
Operating System	hp	hp-ux	b.11.11	Yes
Operating System	hp	hp-ux	b.11.22	Yes
Operating System	hp	hp-ux	b.11.23	Yes
Operating System	trustix	secure_linux	1.5	Yes
Operating System	trustix	secure_linux	2.0	Yes
Operating System	trustix	secure_linux	2.1	Yes
Application	php	php	< 4.3.7	Yes
Application	php	php	5.0.0	Yes
Application	php	php	5.0.0	Yes
Application	php	php	5.0.0	Yes
Application	php	php	5.0.0	Yes
Application	php	php	5.0.0	Yes
Application	php	php	5.0.0	Yes

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847 Broken Link ([email protected])
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html Broken Link, URL Repurposed ([email protected])
http://marc.info/?l=bugtraq&m=108981780109154&w=2 Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=108982983426031&w=2 Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=109051444105182&w=2 Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=109181600614477&w=2 Third Party Advisory ([email protected])
http://www.debian.org/security/2004/dsa-531 Broken Link ([email protected])
http://www.debian.org/security/2005/dsa-669 Mailing List ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml Third Party Advisory ([email protected])
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068 Broken Link ([email protected])
http://www.novell.com/linux/security/advisories/2004_21_php4.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2004-392.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2004-395.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2004-405.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2005-816.html Broken Link ([email protected])
http://www.securityfocus.com/bid/10725 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.trustix.org/errata/2004/0039/ Broken Link ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/16693 Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896 Broken Link ([email protected])
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html Broken Link, URL Repurposed (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=108981780109154&w=2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=108982983426031&w=2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=109051444105182&w=2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=109181600614477&w=2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2004/dsa-531 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2005/dsa-669 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2004_21_php4.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2004-392.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2004-395.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2004-405.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2005-816.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/10725 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2004/0039/ Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16693 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896 Broken Link (af854a3a-2127-422b-91ae-364da2661108)