PT-2014-1412 · Php+4 · Php+4

Publicado

2014-07-04

Atualizado

2024-06-15

CVE-2014-4670

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.5.14

Description The issue is related to a use-after-free vulnerability in the SPL component. This vulnerability allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.

Recommendations For PHP versions prior to 5.5.14, update to version 5.5.14 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

BDU:2015-00367

CESA-2014_1326

CESA-2014_1327

CVE-2014-4670

DSA-3008-1

MGASA-2014-0324

OPENSUSE-SU-2024:10290-1

OPENSUSE-SU-2024:10344-1

OPENSUSE-SU-2024:11169-1

RHSA-2014:1326

RHSA-2014:1327

RHSA-2014:1765

RHSA-2014:1766

RHSA-2014_1326

RHSA-2014_1327

SUSE-SU-2016:1638-1

USN-2276-1

Produtos afetados

Centos

Php

Red Hat

Suse

Ubuntu

PT-2014-1412 · Php+4 · Php+4

CVE-2014-4670

Identificadores relacionados

Produtos afetados

Referências · 370