CVE-2004-1019

Current Description

The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.

Referenced by CVEs: CVE-2014-8142

Basic Data

Published: January 10, 2005
Last Modified: October 30, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-20
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 10.0
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 10.0
Obtain All Privilege: true
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    (The Version Start Including / Version End Including / Version Start Excluding / Version End Excluding columns are empty for every row and are omitted below.)
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3 | Application | Openpkg | Openpkg | 2.1 | * | * | * | * | * | * | *
    2.3 | Application | Openpkg | Openpkg | 2.2 | * | * | * | * | * | * | *
    2.3 | Application | Openpkg | Openpkg | current | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.2 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.3 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.4 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.5 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.6 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.7 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.8 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.9 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.10 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.11 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.12 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.13 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.14 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.15 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.16 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.17 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 3.0.18 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.1 | patch1 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.1 | patch2 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.2 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.3 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.3 | patch1 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.4 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.5 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.6 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.7 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.7 | rc1 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.7 | rc2 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.0.7 | rc3 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.1.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.1.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.1.2 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.2 | * | dev | * | * | * | * | *
    2.3 | Application | Php | Php | 4.2.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.2.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.2.2 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.2.3 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.2 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.3 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.4 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.5 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.6 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.7 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.8 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 4.3.9 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0 | rc1 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0 | rc2 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0 | rc3 | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0.0 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0.1 | * | * | * | * | * | * | *
    2.3 | Application | Php | Php | 5.0.2 | * | * | * | * | * | * | *
  • OR - Configuration 2
    (Version Start/End Including/Excluding columns are empty for every row and are omitted below.)
    CPE Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other
    2.3 | OS | Trustix | Secure Linux | 2.0 | * | * | * | * | * | * | *
    2.3 | OS | Trustix | Secure Linux | 2.1 | * | * | * | * | * | * | *
    2.3 | OS | Trustix | Secure Linux | 2.2 | * | * | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 4.1 | * | ia64 | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 4.1 | * | ppc | * | * | * | * | *

Vulnerable Software List

Vendor | Product | Versions
Openpkg | Openpkg | 2.1, 2.2, current
Ubuntu | Ubuntu Linux | 4.1
Php | Php | 3.0, 3.0.1, 3.0.10, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.1.0, 4.1.1, 4.1.2, 4.2, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 5.0, 5.0.0, 5.0.1, 5.0.2
Trustix | Secure Linux | 2.0, 2.1, 2.2

References

Name | Source URL | Tags
SUSE-SU-2015:0365 | http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html | SUSE
openSUSE-SU-2015:0325 | http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html | SUSE
20041215 Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 | http://marc.info/?l=bugtraq&m=110314318531298&w=2 | BUGTRAQ
OpenPKG-SA-2004.053 | http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html | OPENPKG
http://www.hardened-php.net/advisories/012004.txt | http://www.hardened-php.net/advisories/012004.txt | MISC
MDKSA-2004:151 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:151 | MANDRAKE
SUSE-SA:2005:002 | http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html | SUSE
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html | http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html | CONFIRM
http://www.php.net/release_4_3_10.php | http://www.php.net/release_4_3_10.php | CONFIRM
RHSA-2004:687 | http://www.redhat.com/support/errata/RHSA-2004-687.html | REDHAT, Patch, Vendor Advisory
RHSA-2005:032 | http://www.redhat.com/support/errata/RHSA-2005-032.html | REDHAT
RHSA-2005:816 | http://www.redhat.com/support/errata/RHSA-2005-816.html | REDHAT
HPSBMA01212 | http://www.securityfocus.com/advisories/9028 | HP
FLSA:2344 | https://bugzilla.fedora.us/show_bug.cgi?id=2344 | FEDORA
php-unserialize-code-execution(18514) | https://exchange.xforce.ibmcloud.com/vulnerabilities/18514 | XF
oval:org.mitre.oval:def:10511 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511 | OVAL