Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-9767
HistoryMay 22, 2016 - 1:59 a.m.

CVE-2014-9767

2016-05-2201:59:00
CWE-22
[email protected]
web.nvd.nist.gov
205
cve-2014-9767
ziparchive
extractto
php
hhvm
vulnerability
directory traversal
nvd

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.9%

JSON

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.

Related

ubuntucve 1
prion 1
nessus 16
openvas 14
suse 6
ubuntu 2
ibm 1
cloudlinux 1
veracode 57
redhat 1
rosalinux 1
ubuntucve
ubuntucve
CVE-2014-9767
2014-12-31 00:00:00
prion
prion
Directory traversal
2016-05-22 01:59:00
nessus
nessus
PHP 7.0.x < 7.0.0 Multiple Vulnerabilities
2019-03-01 00:00:00
PHP 5.4.x < 5.4.45 Multiple Vulnerabilities
2015-09-10 00:00:00
openSUSE Security Update : php5 (openSUSE-2016-516)
2016-04-28 00:00:00
openvas
openvas
PHP Directory Traversal Vulnerability (Jul 2016) - Windows
2016-07-14 00:00:00
PHP Directory Traversal Vulnerability (Jul 2016) - Linux
2016-07-14 00:00:00
openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1167-1)
2016-04-28 00:00:00
suse
suse
Security update for php5 (important)
2016-04-27 23:07:43
Security update for php5 (important)
2016-04-27 20:08:04
Security update for php5 (important)
2016-04-28 19:08:05
ubuntu
ubuntu
PHP regression
2016-04-27 00:00:00
PHP vulnerabilities
2016-04-21 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php vulnerabilities
2018-06-18 01:33:37
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:02:26
Arbitrary Code Execution
2019-05-02 06:02:23
Null Pointer Dereference
2019-05-02 06:02:24
redhat
redhat
(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update
2016-11-15 11:13:31
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.9%

JSON
Related for CVE-2014-9767
ubuntucve1prion1nessus16openvas14suse6ubuntu2ibm1cloudlinux1veracode57redhat1rosalinux1