Unrated severityNVD Advisory· Published Dec 11, 2005· Updated Jun 16, 2026
CVE-2005-4154
CVE-2005-4154
Description
Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22cpe:2.3:a:php:pear:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:php:pear:*:*:*:*:*:*:*:*range: <=1.4.2
- cpe:2.3:a:php:pear:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.1:*:*:*:*:*:*:*
- Range: <=1.4.2
Patches
Vulnerability mechanics
References
5- pear.php.net/advisory-20051104.txtnvdPatchVendor Advisory
- secunia.com/advisories/17563/nvdPatchVendor Advisory
- securitytracker.com/alerts/2005/Nov/1015161.htmlnvdPatch
- www.vupen.com/english/advisories/2005/2444nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/23021nvd
News mentions
0No linked articles in our index yet.