CVE-2005-4154

3 documents3 sources

Severity

5.1MEDIUM

EPSS

1.2%

top 20.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PHP Pear

Timeline

PublishedDec 11

Latest updateMay 1

Description

Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

▶NVDphp/pear1.4.2+18

Patches

Patch: pear.php.net ↗Patch: secunia.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-2fq6-65pq-cxpj: Unspecified vulnerability in PEAR installer 1↗2022-05-01

▶

CVEList

CVE-2005-4154: Unspecified vulnerability in PEAR installer 1↗2005-12-11

▶