Jul 09, 2014 - 11:07 a.m.

CVE-2014-3515

2014-07-09 11:07:00
NVD-CWE-noinfo
web.nvd.nist.gov
cve-2014-3515
php
code execution
remote attack
type confusion
security vulnerability
nvd

AI Score: 9.4 High (Confidence: High)
CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.814 High (Percentile: 98.3%)

The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to “type confusion” issues in (1) ArrayObject and (2) SPLObjectStorage.
