Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2014-4670

Published: 10/07/2014 Updated: 07/01/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Php

Vulnerability Summary

Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP up to and including 5.5.14 allows context-dependent malicious users to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

php php 5.5.0

php php 5.5.1

php php 5.5.10

php php 5.5.4

php php 5.5.5

php php 5.5.11

php php 5.5.12

php php 5.5.6

php php 5.5.7

php php 5.5.2

php php 5.5.3

php php 5.5.13

php php

php php 5.5.8

php php 5.5.9

Vendor Advisories

Ubuntu Security Notice: php5 vulnerabilities
Several security issues were fixed in PHP ...
Debian Security Advisories: DSA-3008-1 php5 -- security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not sufficiently address the problem A remote attacke ...
Red Hat: CVE-2014-4670
A use-after-free flaw was found in the way PHP handled certain Standard PHP Library (SPL) Iterators A malicious script author could possibly use this flaw to disclose certain portions of server memory ...

References

NVD-CWE-Otherhttps://bugs.php.net/bug.php?id=67538http://secunia.com/advisories/59831http://www.debian.org/security/2014/dsa-3008http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1327.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1326.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1766.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1765.htmlhttp://lists.opensuse.org/opensuse-updates/2014-09/msg00046.htmlhttps://support.apple.com/HT204659http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21683486http://secunia.com/advisories/60696http://secunia.com/advisories/54553https://usn.ubuntu.com/2276-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-4670
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook