PT-2014-1412 · Php+4 · Php+4

Published

2014-07-04

Updated

2024-06-15

CVE-2014-4670

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.5.14

Description The issue is related to a use-after-free vulnerability in the SPL component. This vulnerability allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.

Recommendations For PHP versions prior to 5.5.14, update to version 5.5.14 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-00367

CESA-2014_1326

CESA-2014_1327

CVE-2014-4670

DSA-3008-1

MGASA-2014-0324

OPENSUSE-SU-2024:10290-1

OPENSUSE-SU-2024:10344-1

OPENSUSE-SU-2024:11169-1

RHSA-2014:1326

RHSA-2014:1327

RHSA-2014:1765

RHSA-2014:1766

RHSA-2014_1326

RHSA-2014_1327

SUSE-SU-2016:1638-1

USN-2276-1

Affected Products

Centos

Php

Red Hat

Suse

Ubuntu

PT-2014-1412 · Php+4 · Php+4

CVE-2014-4670

Related Identifiers

Affected Products

References · 370