CVE-2014-3515

🗓️ 09 Jul 2014 10:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 386 Views

PHP before 5.4.30/5.5.x allows remote attackers to execute arbitrary code via crafted string triggering Hashtable destructor

Reporter	Title	Published	Views	Family All 139
0day.today	Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabiliti	22 Sep 201600:00	–	zdt
Tenable Nessus	PHP 5.4.x < 5.4.30 / 5.5.x < 5.5.14 Multiple Vulnerabilities	2 Jul 201400:00	–	nessus
Tenable Nessus	Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004)	19 Sep 201400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php54 (ALAS-2014-367)	12 Oct 201400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php55 (ALAS-2014-372)	12 Oct 201400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : php (ALAS-2014-393)	12 Oct 201400:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : php / php53 (CESA-2014:1012)	7 Aug 201400:00	–	nessus
Tenable Nessus	CentOS 7 : php (CESA-2014:1013)	7 Aug 201400:00	–	nessus
Tenable Nessus	Debian DLA-18-1 : php5 security update	26 Mar 201500:00	–	nessus
Tenable Nessus	Debian DSA-2974-1 : php5 - security update	9 Jul 201400:00	–	nessus

NVD

Node

php phpRange<5.3.29

php phpRange5.4.0–5.4.30

php phpRange5.5.0–5.5.14

Node

Source	Link
securityfocus	www.securityfocus.com/bid/68237
www-01	www.www-01.ibm.com/support/docview.wss
secunia	www.secunia.com/advisories/60998
marc	www.marc.info/
lists	www.lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
rhn	www.rhn.redhat.com/errata/RHSA-2014-1766.html
git	www.git.php.net/
secunia	www.secunia.com/advisories/59794
php	www.php.net/ChangeLog-5.php
oracle	www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

06 May 2026 22:30Current

8High risk

Vulners AI Score8

CVSS 27.5

EPSS0.48662