Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0594

CWE-3677 documents6 sources

Severity

5.1MEDIUM

EPSS

77.7%

top 1.00%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

PHP PHP Avaya Converged Communications Server Debian Debian Linux +3 more

Timeline

PublishedJul 27

Latest updateApr 29

Description

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages5 packages

▶NVDphp/php4.0 — 4.3.7+1

▶NVDhp/hp-ux4 versions+3

▶NVDopenpkg/openpkg2.0, 2.1+1

▶NVDtrustix/secure_linux1.5, 2.0, 2.1+2

▶NVDavaya/converged_communications_server2.0

Also affects: Debian Linux 3.0

🔴Vulnerability Details

GHSA

GHSA-jm2p-9h9p-vg22: The memory_limit functionality in PHP 4↗2022-04-29

▶

CVEList

CVE-2004-0594: The memory_limit functionality in PHP 4↗2004-07-16

▶

💥Exploits & PoCs

Exploit-DB

PHP 4.3.7/5.0.0RC3 - 'memory_limit' Remote Overflow↗2004-11-27

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-07-13

▶

💬Community

Bugzilla

CVE-2004-0594 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-0595 PHP flaws (CVE-2004-0594 CVE-2004-1018 CVE-2004-1019)↗2005-10-25

▶