Vulnerability Details : CVE-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
Vulnerability category: Execute code
Products affected by CVE-2004-0594
- cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:b.11.22:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
- cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
Threat overview for CVE-2004-0594
Top countries where our scanners detected CVE-2004-0594
Top open port discovered on systems with this issue
80
IPs affected by CVE-2004-0594 1,819
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2004-0594!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2004-0594
86.92%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-0594
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
CWE ids for CVE-2004-0594
-
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.Assigned by: nvd@nist.gov (Primary)
References for CVE-2004-0594
-
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847
CONECTIVA | Análises dos Melhores Produtos Online (#10 Melhores)Broken Link
-
http://www.redhat.com/support/errata/RHSA-2004-405.html
SupportBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896
404 Not FoundBroken Link
-
http://www.redhat.com/support/errata/RHSA-2004-395.html
SupportBroken Link
-
http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
PHP: Multiple security vulnerabilities (GLSA 200407-13) — Gentoo securityThird Party Advisory
-
http://www.novell.com/linux/security/advisories/2004_21_php4.html
404 Page Not Found | SUSEBroken Link
-
http://www.debian.org/security/2004/dsa-531
Debian -- The Universal Operating SystemBroken Link
-
http://www.redhat.com/support/errata/RHSA-2004-392.html
SupportBroken Link
-
http://www.redhat.com/support/errata/RHSA-2005-816.html
SupportBroken Link
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/16693
PHP memory_limit code execution CVE-2004-0594 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/10725
Broken Link;Third Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=108981780109154&w=2
'Advisory 11/2004: PHP memory_limit remote vulnerability' - MARCThird Party Advisory
-
http://www.trustix.org/errata/2004/0039/
Trustix | Empowering Trust and Security in the Digital AgeBroken Link
-
http://marc.info/?l=bugtraq&m=109181600614477&w=2
'[security bulletin] SSRT4777 HP-UX Apache, PHP remote code execution, Denial of Service' - MARCThird Party Advisory
-
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html
[Full-Disclosure] Mailing List CharterBroken Link;URL Repurposed
-
http://www.debian.org/security/2005/dsa-669
[SECURITY] [DSA 669-1] New php3 packages fix several vulnerabilitiesMailing List
-
http://marc.info/?l=bugtraq&m=109051444105182&w=2
'[OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)' - MARCThird Party Advisory
-
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068
Broken Link
-
http://marc.info/?l=bugtraq&m=108982983426031&w=2
'TSSA-2004-013 - php' - MARCThird Party Advisory
Jump to