CVE-2004-0594
Public Exploits 1
ExploitDB · 1 EDB-660 [remote]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2004-0594
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP执行任意代码漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP 4.x到 4.3.7版本以及5.x 到5.0.0RC3版本的memory_limit函数存在漏洞。在例如当启用register_globals条件下时,远程攻击者在zend_hash_init函数的执行过程中触发memory_limit中止以及在关键数据结构初始化完成之前覆盖HashTable析构函数指针来执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2004-0594
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2004-0594
请登录查看更多情报信息。
Vendor Advisories for CVE-2004-0594 (5)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896vdb-entrysignaturex_refsource_OVAL
Mailing List Discussions for CVE-2004-0594 (5)
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.htmlmailing-listx_refsource_FULLDISC
Other References for CVE-2004-0594 (9)
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847vendor-advisoryx_refsource_CONECTIVA
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068vendor-advisoryx_refsource_MANDRAKE
Same Patch Batch · n/a · 2004-07-16 · 7 CVEs total
| CVE-2004-0595 | PHP strip_tags()函数绕过漏洞 | |
| CVE-2004-0632 | Adobe Acrobat/Reader文件名处理缓冲区溢出漏洞 | |
| CVE-2004-0695 | 4D WebSTAR FTP服务器 基于栈的缓冲区溢出漏洞 4D WebSTAR FTP服务器缓冲区溢出漏洞 | |
| CVE-2004-0696 | 4D WebStar多个远程信息泄露漏洞 | |
| CVE-2004-0697 | 4D WebSTAR漏洞 | |
| CVE-2004-0698 | 4D WebSTAR读取和修改任意文件漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2004-0594
No comments yet