7.5
CVSSv2

CVE-2014-3515

Published: 09/07/2014 Updated: 07/01/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The SPL component in PHP prior to 5.4.30 and 5.5.x prior to 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote malicious users to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

php php 5.4.0

php php 5.4.1

php php 5.4.2

php php 5.4.3

php php 5.4.4

php php 5.4.5

php php 5.4.6

php php 5.4.7

php php 5.4.8

php php 5.4.9

php php 5.4.10

php php 5.4.11

php php 5.4.12

php php 5.4.13

php php 5.4.14

php php 5.4.15

php php 5.4.16

php php 5.4.17

php php 5.4.18

php php 5.4.19

php php 5.4.20

php php 5.4.21

php php 5.4.22

php php 5.4.23

php php 5.4.24

php php 5.4.25

php php 5.4.26

php php 5.4.27

php php 5.4.28

php php

php php 5.5.0

php php 5.5.1

php php 5.5.2

php php 5.5.3

php php 5.5.4

php php 5.5.5

php php 5.5.6

php php 5.5.7

php php 5.5.8

php php 5.5.9

php php 5.5.10

php php 5.5.11

php php 5.5.12

php php 5.5.13

Vendor Advisories

A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user runn ...
Several security issues were fixed in PHP ...
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0207 Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_read_short_se ...
A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file acincludem4, as used in the configure script in PHP 5513 and earlier, allows local users to ...
acincludem4, as used in the configure script in PHP 5513 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files A remote attacker could use this ...
Tenable's SecurityCenter is affected by several vulnerabilities due to the use of third-party libraries, specifically Apache HTTP Server and PHP CVE-2014-3515 - PHP unserialize() Call SPL ArrayObject / SPLObjectStorage Type Confusion Remote Code Execution PHP contains an type confusion flaw that is triggered when performing an unserialize() call ...
acincludem4, as used in the configure script in PHP 5513 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files A remote attacker could use this ...
<!-- content goes here --> Oracle Solaris Third Party Bulletin - January 2015 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day wh ...

Mailing Lists

Kerio Control Unified Threat Management versions prior to 913 suffer from unsafe usage of the PHP unserialize function, code execution, memory corruption, cross site scripting, and various other vulnerabilities ...