WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Input Validation Vulnerability (CVE-2004-1019)

Description

The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.

Remediation

References

Related Vulnerabilities

Jboss EAP Other Vulnerability (CVE-2014-3490)

Oracle Database Server CVE-2014-6483 Vulnerability (CVE-2014-6483)

Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)

Oracle JRE CVE-2024-21217 Vulnerability (CVE-2024-21217)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4592)

Severity

Critical

Classification

CVE-2004-1019 CWE-20

Tags

Missing Update Known Vulnerabilities