Unrated severityNVD Advisory· Published Dec 11, 2005· Updated Apr 16, 2026
CVE-2005-4154
CVE-2005-4154
Description
Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
Affected products
21cpe:2.3:a:php:pear:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:php:pear:*:*:*:*:*:*:*:*range: <=1.4.2
- cpe:2.3:a:php:pear:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:pear:1.4.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- pear.php.net/advisory-20051104.txtnvdPatchVendor Advisory
- secunia.com/advisories/17563/nvdPatchVendor Advisory
- securitytracker.com/alerts/2005/Nov/1015161.htmlnvdPatch
- www.vupen.com/english/advisories/2005/2444nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/23021nvd
News mentions
0No linked articles in our index yet.