Lucene search

K

PRIOn knowledge basePRION:CVE-2014-9705

HistoryMar 30, 2015 - 10:59 a.m.

Heap overflow

2015-03-3010:59:00

PRIOn knowledge base

www.prio-n.com

5

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.189 Low

EPSS

Percentile

96.1%

Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

CPENameOperatorVersion
phpeq5.6.1
phpeq5.5.0 alpha1
phpeq5.6.0 alpha5
phpeq5.6.5
phpeq5.5.0 alpha3
phpeq5.5.19
phpeq5.5.0 beta3
phpeq5.5.0
phpeq5.5.16
phpeq5.6.0 beta2

Rows per page:

1-10 of 491

References

lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html

lists.opensuse.org/opensuse-updates/2015-04/msg00002.html

openwall.com/lists/oss-security/2015/03/15/6

php.net/ChangeLog-5.php

rhn.redhat.com/errata/RHSA-2015-1053.html

rhn.redhat.com/errata/RHSA-2015-1066.html

rhn.redhat.com/errata/RHSA-2015-1135.html

rhn.redhat.com/errata/RHSA-2015-1218.html

svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803

www.debian.org/security/2015/dsa-3195

www.mandriva.com/security/advisories?name=MDVSA-2015:079

www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.securityfocus.com/bid/73031

www.securitytracker.com/id/1031948

www.ubuntu.com/usn/USN-2535-1

bugs.php.net/bug.php?id=68552

marc.info/?l=bugtraq&m=143748090628601&w=2

marc.info/?l=bugtraq&m=144050155601375&w=2

security.gentoo.org/glsa/201606-10

support.apple.com/HT205267

www.htbridge.com/advisory/HTB23252

8.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.189 Low

EPSS

Percentile

96.1%

Related for PRION:CVE-2014-9705

htbridge1 hackerone1 f52 ubuntucve1 cve1 openvas19 nessus28 securityvulns5 ubuntu1 debian2 osv2 suse2 kaspersky1 veracode27 oraclelinux4 redhat4 centos2 gentoo1 rosalinux1