Vulnerability in N/a
CVE-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during e…
EPSS: 0.777 (99.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 2004-0039 (vendor-advisory, x_refsource_TRUSTIX)
- 20040714 Advisory 11/2004: PHP memory_limit remote vulnerability (mailing-list, x_refsource_FULLDISC)
- CLA-2004:847 (vendor-advisory, x_refsource_CONECTIVA)
- 20040714 TSSA-2004-013 - php (mailing-list, x_refsource_BUGTRAQ)
- DSA-669 (vendor-advisory, x_refsource_DEBIAN)
- RHSA-2004:395 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2004:405 (x_refsource_REDHAT, vendor-advisory)
- oval:org.mitre.oval:def:10896 (signature, x_refsource_OVAL, vdb-entry)
- RHSA-2004:392 (x_refsource_REDHAT, vendor-advisory)
- DSA-531 (vendor-advisory, x_refsource_DEBIAN)