Lucene search

K
nvd[email protected]NVD:CVE-2014-9705
HistoryMar 30, 2015 - 10:59 a.m.

CVE-2014-9705

2015-03-3010:59:04
CWE-119
web.nvd.nist.gov
8

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

High

EPSS

0.247

Percentile

96.7%

Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

Affected configurations

Nvd
Node
phpphpRange5.4.37
OR
phpphpMatch5.5.0
OR
phpphpMatch5.5.0alpha1
OR
phpphpMatch5.5.0alpha2
OR
phpphpMatch5.5.0alpha3
OR
phpphpMatch5.5.0alpha4
OR
phpphpMatch5.5.0alpha5
OR
phpphpMatch5.5.0alpha6
OR
phpphpMatch5.5.0beta1
OR
phpphpMatch5.5.0beta2
OR
phpphpMatch5.5.0beta3
OR
phpphpMatch5.5.0beta4
OR
phpphpMatch5.5.0rc1
OR
phpphpMatch5.5.0rc2
OR
phpphpMatch5.5.1
OR
phpphpMatch5.5.2
OR
phpphpMatch5.5.3
OR
phpphpMatch5.5.4
OR
phpphpMatch5.5.5
OR
phpphpMatch5.5.6
OR
phpphpMatch5.5.7
OR
phpphpMatch5.5.8
OR
phpphpMatch5.5.9
OR
phpphpMatch5.5.10
OR
phpphpMatch5.5.11
OR
phpphpMatch5.5.12
OR
phpphpMatch5.5.13
OR
phpphpMatch5.5.14
OR
phpphpMatch5.5.15
OR
phpphpMatch5.5.16
OR
phpphpMatch5.5.17
OR
phpphpMatch5.5.18
OR
phpphpMatch5.5.19
OR
phpphpMatch5.5.20
OR
phpphpMatch5.5.21
OR
phpphpMatch5.6.0alpha1
OR
phpphpMatch5.6.0alpha2
OR
phpphpMatch5.6.0alpha3
OR
phpphpMatch5.6.0alpha4
OR
phpphpMatch5.6.0alpha5
OR
phpphpMatch5.6.0beta1
OR
phpphpMatch5.6.0beta2
OR
phpphpMatch5.6.0beta3
OR
phpphpMatch5.6.0beta4
OR
phpphpMatch5.6.1
OR
phpphpMatch5.6.2
OR
phpphpMatch5.6.3
OR
phpphpMatch5.6.4
OR
phpphpMatch5.6.5
VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
phpphp5.5.0cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
Rows per page:
1-10 of 491

References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

High

EPSS

0.247

Percentile

96.7%