Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2014:0873-2
HistoryJul 07, 2014 - 7:04 p.m.

Security update for PHP5 (important)

2014-07-0719:04:42
lists.opensuse.org
23

0.951 High

EPSS

Percentile

99.1%

JSON

PHP5 has been updated to fix four security vulnerabilities:

   * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)
   * Heap based buffer overflow in time handling in openssl_x509_parse
     (CVE-2013-6420)
   * Man in the Middle attack in the the openssl_x509_parse due to lack
     of \0 handling (CVE-2013-4248)
   * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)

Security Issues:

   * CVE-2014-4049
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049</a>&gt;
   * CVE-2013-6420
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420</a>&gt;
   * CVE-2013-4248
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248</a>&gt;
   * CVE-2014-2497
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497</a>&gt;
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server LTSS11.1i586php5-bcmath< 5.2.14-0.7.30.54.1php5-bcmath-5.2.14-0.7.30.54.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.1s390xphp5-snmp< 5.2.14-0.7.30.54.1php5-snmp-5.2.14-0.7.30.54.1.s390x.rpm
SUSE Linux Enterprise Server LTSS11.1x86_64php5-tokenizer< 5.2.14-0.7.30.54.1php5-tokenizer-5.2.14-0.7.30.54.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS11.1i586php5-dba< 5.2.14-0.7.30.54.1php5-dba-5.2.14-0.7.30.54.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.1i586php5-xmlwriter< 5.2.14-0.7.30.54.1php5-xmlwriter-5.2.14-0.7.30.54.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.1s390xphp5-ldap< 5.2.14-0.7.30.54.1php5-ldap-5.2.14-0.7.30.54.1.s390x.rpm
SUSE Linux Enterprise Server LTSS11.1i586php5-json< 5.2.14-0.7.30.54.1php5-json-5.2.14-0.7.30.54.1.i586.rpm
SUSE Linux Enterprise Server LTSS11.1x86_64php5< 5.2.14-0.7.30.54.1php5-5.2.14-0.7.30.54.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS11.1x86_64php5-snmp< 5.2.14-0.7.30.54.1php5-snmp-5.2.14-0.7.30.54.1.x86_64.rpm
SUSE Linux Enterprise Server LTSS11.1x86_64php5-pcntl< 5.2.14-0.7.30.54.1php5-pcntl-5.2.14-0.7.30.54.1.x86_64.rpm
Rows per page:
1-10 of 1351

Related

openvas 64
ibm 3
suse 3
nessus 41
fedora 15
securityvulns 7
redhat 5
packetstorm 1
veracode 4
seebug 4
cve 3
checkpoint_advisories 3
zdt 2
amazon 3
slackware 2
hackerone 1
centos 1
ubuntucve 3
osv 5
f5 5
oraclelinux 2
exploitpack 1
prion 4
freebsd 1
mageia 3
debiancve 1
ubuntu 2
debian 9
exploitdb 1
openvas
openvas
SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0873-2)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0873-2)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0873-1)
2021-06-09 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2022-02-23 17:14:38
suse
suse
Security update for PHP5 (important)
2014-07-05 02:05:05
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for php53 (important)
2014-07-04 01:04:18
nessus
nessus
SuSE 11.2 Security Update : PHP5 (SAT Patch Number 8710)
2014-01-15 00:00:00
SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)
2015-05-20 00:00:00
PHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities
2013-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: php-5.5.7-1.fc19
2013-12-13 05:03:19
[SECURITY] Fedora 18 Update: php-5.4.23-1.fc18
2013-12-20 02:04:53
[SECURITY] Fedora 19 Update: php-5.5.12-1.fc19
2014-05-12 05:25:38
securityvulns
securityvulns
[ MDVSA-2014:014 ] php
2014-01-29 00:00:00
libgd / PHP DoS
2014-07-22 00:00:00
Advisory 01/2013: PHP openssl_x509_parse&#40;&#41; Memory Corruption Vulnerability
2013-12-30 00:00:00
redhat
redhat
(RHSA-2013:1826) Critical: php security update
2013-12-12 00:00:00
(RHSA-2013:1815) Critical: php security update
2013-12-11 00:00:00
(RHSA-2013:1824) Critical: php security update
2013-12-11 00:00:00
packetstorm
packetstorm
PHP openssl_x509_parse() Memory Corruption
2013-12-15 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:53:15
Denial Of Service (DoS)
2019-01-15 09:02:04
Man-in-the-Middle (MitM)
2019-05-02 04:52:37
seebug
seebug
PHP openssl_x509_parse() - Memory Corruption Vulnerability
2014-07-01 00:00:00
PHP OpenSSL Extension 'openssl_x509_parse()'内存破坏漏洞
2013-12-18 00:00:00
php-gd 'gdxpm.c'空指针拒绝服务漏洞
2014-03-17 00:00:00
cve
cve
CVE-2013-6420
2013-12-17 04:46:00
CVE-2014-2497
2014-03-21 14:55:00
CVE-2014-4049
2014-06-18 19:55:00
checkpoint_advisories
checkpoint_advisories
PHP SSL Certificate Validation Security Bypass (CVE-2013-4248)
2013-08-28 00:00:00
PHP OpenSSL Extension X.509 Certificate Memory Corruption (CVE-2013-6420)
2013-12-26 00:00:00
PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)
2014-07-16 00:00:00
zdt
zdt
PHP openssl_x509_parse() Memory Corruption Vulnerability
2013-12-17 00:00:00
PHP openssl_x509_parse() Memory Corruption Vulnerability
2013-12-16 00:00:00
amazon
amazon
Critical: php54
2013-12-17 21:29:00
Critical: php55
2013-12-17 21:29:00
Critical: php
2013-12-17 21:29:00
slackware
slackware
php
2014-01-13 22:30:32
[slackware-security] php
2013-08-30 07:46:30
hackerone
hackerone
Internet Bug Bounty: PHP openssl_x509_parse() Memory Corruption Vulnerability
2013-11-30 23:00:00
centos
centos
php, php53 security update
2013-12-11 09:25:38
ubuntucve
ubuntucve
CVE-2013-6420
2013-12-11 00:00:00
CVE-2014-2497
2014-03-21 00:00:00
CVE-2014-4049
2014-06-18 00:00:00
osv
osv
php5 - interpretation conflict
2013-08-26 00:00:00
php5 - security update
2014-06-27 00:00:00
php5 - security update
2014-06-16 00:00:00
f5
f5
K15110 : PHP Vulnerability CVE-2013-6420
2014-05-23 00:00:00
SOL15110 - PHP Vulnerability CVE-2013-6420
2014-03-27 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2013-12-10 00:00:00
php53 and php security update
2014-09-30 00:00:00
exploitpack
exploitpack
PHP - openssl_x509_parse() Memory Corruption
2013-12-17 00:00:00
prion
prion
Memory corruption
2013-12-17 04:46:00
Null pointer dereference
2014-03-21 14:55:00
Heap overflow
2014-06-18 19:55:00
freebsd
freebsd
PHP5 -- memory corruption in openssl_x509_parse()
2013-12-13 00:00:00
mageia
mageia
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
Updated php packages fix CVE-2013-4248 and prevent the two gd packages being installed at once
2013-08-30 21:30:10
Updated php packages fix multiple security vulnerabilities
2013-12-20 01:08:56
debiancve
debiancve
CVE-2014-2497
2014-03-21 14:55:00
ubuntu
ubuntu
PHP vulnerability
2013-09-05 00:00:00
PHP vulnerabilities
2013-12-12 00:00:00
debian
debian
[SECURITY] [DSA 2742-1] php5 security update
2013-08-26 19:50:29
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
php5 security update
2014-06-27 11:29:37
exploitdb
exploitdb
PHP - &#039;openssl_x509_parse()&#039; Memory Corruption
2013-12-17 00:00:00

0.951 High

EPSS

Percentile

99.1%

JSON
Related for SUSE-SU-2014:0873-2
openvas64ibm3suse3nessus41fedora15securityvulns7redhat5packetstorm1veracode4seebug4cve3checkpoint_advisories3zdt2amazon3slackware2hackerone1centos1ubuntucve3osv5f55oraclelinux2exploitpack1prion4freebsd1mageia3debiancve1ubuntu2debian9exploitdb1