Lucene search
DebianDEBIAN:FD71ACF23D230B6F8B8660456EE1E304:72349HistoryJun 27, 2014 - 11:29 a.m.
php5 security update
2014-06-2711:29:37
lists.debian.org
18
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.948 High
EPSS
Percentile
99.2%
Package : php5
Version : 5.3.3-7+squeeze20
CVE ID : CVE-2014-4049
It was discovered that PHP, a general-purpose scripting
language commonly used for web application development, is
vulnerable to a heap-based buffer overflow in the DNS TXT
record parsing. A malicious server or man-in-the-middle
attacker could possibly use this flaw to execute arbitrary
code as the PHP interpreter if a PHP application uses
dns_get_record() to perform a DNS query.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | mips | php5-enchant | < 5.4.4-14+deb7u11 | php5-enchant_5.4.4-14+deb7u11_mips.deb |
| Debian | 6 | amd64 | libapache2-mod-php5filter | < 5.3.3-7+squeeze20 | libapache2-mod-php5filter_5.3.3-7+squeeze20_amd64.deb |
| Debian | 7 | kfreebsd-i386 | php5-tidy | < 5.4.4-14+deb7u11 | php5-tidy_5.4.4-14+deb7u11_kfreebsd-i386.deb |
| Debian | 7 | kfreebsd-i386 | php5-pspell | < 5.4.4-14+deb7u11 | php5-pspell_5.4.4-14+deb7u11_kfreebsd-i386.deb |
| Debian | 6 | all | php5 | < 5.3.3-7+squeeze20 | php5_5.3.3-7+squeeze20_all.deb |
| Debian | 7 | s390 | php5-common | < 5.4.4-14+deb7u11 | php5-common_5.4.4-14+deb7u11_s390.deb |
| Debian | 7 | powerpc | php5-tidy | < 5.4.4-14+deb7u11 | php5-tidy_5.4.4-14+deb7u11_powerpc.deb |
| Debian | 7 | sparc | php5-mysqlnd | < 5.4.4-14+deb7u11 | php5-mysqlnd_5.4.4-14+deb7u11_sparc.deb |
| Debian | 6 | i386 | libapache2-mod-php5filter | < 5.3.3-7+squeeze20 | libapache2-mod-php5filter_5.3.3-7+squeeze20_i386.deb |
| Debian | 7 | s390 | php5-sqlite | < 5.4.4-14+deb7u11 | php5-sqlite_5.4.4-14+deb7u11_s390.deb |
Related
osv
osv
php5 - security update
2014-06-27 00:00:00
php5 - security update
2014-06-16 00:00:00
php5 - security update
2014-08-21 00:00:00
debian
debian
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
php5 security update
2014-06-27 11:30:03
openvas
openvas
Debian: Security Advisory (DSA-2961-1)
2014-06-15 00:00:00
PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability - Linux
2016-12-05 00:00:00
PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability - Windows
2016-12-05 00:00:00
nessus
nessus
openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)
2014-06-26 00:00:00
Debian DSA-2961-1 : php5 - security update
2014-06-17 00:00:00
SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)
2015-05-20 00:00:00
ubuntucve
ubuntucve
CVE-2014-4049
2014-06-18 00:00:00
CVE-2014-3597
2014-08-22 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)
2014-07-16 00:00:00
prion
prion
Heap overflow
2014-06-18 19:55:00
Buffer overflow
2014-08-23 01:55:00
cve
cve
CVE-2014-4049
2014-06-18 19:55:00
CVE-2014-3597
2014-08-23 01:55:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for php53 (important)
2014-07-04 01:04:18
Security update for PHP5 (important)
2014-07-07 19:04:42
ubuntu
ubuntu
PHP updates
2014-06-25 00:00:00
PHP vulnerabilities
2014-06-23 00:00:00
securityvulns
securityvulns
PHP security vulnerabilities
2014-06-17 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2014-09-21 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
f5
f5
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-08-06 00:00:00
php security update
2014-09-30 00:00:00
freebsd
freebsd
PHP multiple vulnerabilities
2014-08-14 00:00:00
amazon
amazon
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
php, php53 security update
2014-08-06 14:53:37
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.948 High
EPSS
Percentile
99.2%
Related for DEBIAN:FD71ACF23D230B6F8B8660456EE1E304:72349