PT-2004-1690 · Php · Php

Published: 2004-07-16 · Updated: 2024-02-15 · CVE-2004-0594

CVSS v2.0: 5.1 (Medium)

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

PHP versions 4.3.7 and prior
PHP versions 5.0.0RC3 and prior
Description

The issue allows remote attackers to execute arbitrary code under certain conditions, such as when register_globals is enabled. This is achieved by triggering a memory_limit abort during the execution of the zend_hash_init function, which overwrites a HashTable destructor pointer before key data structures are fully initialized. A remote user can submit a specially crafted HTTP POST request to interrupt the memory allocation process while Zend HashTables are being allocated and initialized, supplying an arbitrary HashTable destructor pointer to execute arbitrary code.
Recommendations

For PHP versions 4.3.7 and prior, consider disabling the register_globals setting to minimize the risk of exploitation. For PHP versions 5.0.0RC3 and prior, restrict access to the zend_hash_init function until a patch is available. As a temporary workaround, consider disabling the memory_limit functionality until a patch is available. Avoid using the strip_tags() function in Internet Explorer and Safari browsers until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
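
The following audit helper is an added example, not part of the original advisory or of PHP itself. It checks a host's PHP version string against the two affected ranges listed above and reads the register_globals and memory_limit directives from php.ini text. The function names, the pre-release ordering (alpha < beta < RC < final) and the sample php.ini are assumptions constructed for illustration.

```python
import re

# Upper bounds of the affected ranges, as stated in this advisory.
AFFECTED_4X = "4.3.7"
AFFECTED_5X = "5.0.0RC3"
STAGE = {"alpha": 0, "b": 1, "beta": 1, "rc": 2, None: 3}  # None = final release

def parse_version(v):
    """'5.0.0RC3' -> (5, 0, 0, 2, 3); a final release sorts after its pre-releases."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:-?(alpha|beta|b|rc)(\d+))?", v.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised PHP version: {v!r}")
    stage = m.group(4).lower() if m.group(4) else None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)), STAGE[stage], int(m.group(5) or 0))

def version_listed(v):
    """True if v falls in '4.3.7 and prior' or '5.0.0RC3 and prior'."""
    ver = parse_version(v)
    if ver <= parse_version(AFFECTED_4X):
        return True
    return ver[0] == 5 and ver <= parse_version(AFFECTED_5X)

def read_ini(text):
    """Minimal php.ini reader: ';' starts a comment, the last assignment wins."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if "=" in line and not line.startswith("["):
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip().strip('"')
    return settings

def assess(version, ini_text):
    ini = read_ini(ini_text)
    # Assumption: a missing register_globals directive is treated as Off.
    rg = ini.get("register_globals", "Off").lower() in ("1", "on", "yes", "true")
    listed = version_listed(version)
    return {"version_listed": listed, "register_globals": rg,
            "memory_limit": ini.get("memory_limit"),  # None if not set in this file
            "flag": listed and rg}

# Constructed sample php.ini, not taken from any real host.
SAMPLE_INI = """[PHP]
; constructed sample
register_globals = On
memory_limit = 8M   ; per-script cap
"""

if __name__ == "__main__":
    print(assess("4.3.7", SAMPLE_INI))
```

A host is flagged only when its version is in a listed range and register_globals is on; the memory_limit value is reported so the temporary workaround above can be reviewed by hand.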

Exploit

RCE

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

CVE-2004-0594
DSA-531
DSA-669-1
RHSA-2004:392

Affected Products

Php