CVE-2004-0594

First published: Fri Jul 16 2004(Updated: )

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

Credit: cve@mitre.org cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• collector/nvd-historical
• agent/type
• agent/first-publish-date
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/severity
• agent/weakness
• agent/references
• agent/author
• agent/softwarecombine
• agent/last-modified-date
• agent/description
• agent/tags
• agent/event
• collector/mitre-cve
• source/MITRE
• vendor/avaya
• canonical/avaya converged communications server
• version/avaya converged communications server/2.0
• vendor/redhat
• canonical/redhat fedora core
• version/redhat fedora core/core_1.0
• version/redhat fedora core/core_2.0
• vendor/trustix
• canonical/trustix secure linux
• version/trustix secure linux/1.5
• version/trustix secure linux/2.0
• version/trustix secure linux/2.1
• canonical/avaya integrated management
• vendor/php
• canonical/php php
• version/php php/3.0
• version/php php/3.0.1
• version/php php/3.0.2
• version/php php/3.0.3
• version/php php/3.0.4
• version/php php/3.0.5
• version/php php/3.0.6
• version/php php/3.0.7
• version/php php/3.0.8
• version/php php/3.0.9
• version/php php/3.0.10
• version/php php/3.0.11
• version/php php/3.0.12
• version/php php/3.0.13
• version/php php/3.0.14
• version/php php/3.0.15
• version/php php/3.0.16
• version/php php/3.0.17
• version/php php/3.0.18
• version/php php/4.0
• version/php php/4.0.1
• version/php php/4.0.1-patch1
• version/php php/4.0.1-patch2
• version/php php/4.0.2
• version/php php/4.0.3
• version/php php/4.0.3-patch1
• version/php php/4.0.4
• version/php php/4.0.5
• version/php php/4.0.6
• version/php php/4.0.7
• version/php php/4.0.7-rc1
• version/php php/4.0.7-rc2
• version/php php/4.0.7-rc3
• version/php php/4.1.0
• version/php php/4.1.1
• version/php php/4.1.2
• version/php php/4.2
• version/php php/4.2.0
• version/php php/4.2.1
• version/php php/4.2.2
• version/php php/4.2.3
• version/php php/4.3.0
• version/php php/4.3.1
• version/php php/4.3.2
• version/php php/4.3.3
• version/php php/4.3.5
• version/php php/4.3.6
• version/php php/4.3.7
• version/php php/5.0-rc1
• version/php php/5.0-rc2
• version/php php/5.0-rc3
• canonical/avaya s8300
• version/avaya s8300/r2.0.0
• version/avaya s8300/r2.0.1
• canonical/avaya s8500
• version/avaya s8500/r2.0.0
• version/avaya s8500/r2.0.1
• canonical/avaya s8700
• version/avaya s8700/r2.0.0
• version/avaya s8700/r2.0.1
• vendor/openpkg
• canonical/openpkg openpkg
• version/openpkg openpkg/2.0
• version/openpkg openpkg/2.1
• vendor/debian
• canonical/debian debian linux
• version/debian debian linux/3.0
• vendor/hp
• canonical/hp hp-ux
• version/hp hp-ux/b.11.00
• version/hp hp-ux/b.11.11
• version/hp hp-ux/b.11.22
• version/hp hp-ux/b.11.23
• version/php php/5.0.0-beta1
• version/php php/5.0.0-beta2
• version/php php/5.0.0-beta3
• version/php php/5.0.0-beta4
• version/php php/5.0.0-rc1
• version/php php/5.0.0-rc2