Lucene search
UbuntuUSN-2344-1HistorySep 10, 2014 - 12:00 a.m.
PHP vulnerabilities
2014-09-1000:00:00
ubuntu.com
44
9.8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.08 Low
EPSS
Percentile
94.2%
Releases
- Ubuntu 14.04 ESM
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- php5 - HTML-embedded scripting language interpreter
Details
It was discovered that the Fileinfo component in php5 contains an integer
overflow. An attacker could use this flaw to cause a denial of service
or possibly execute arbitrary code via a crafted CDF file. (CVE-2014-3587)
It was discovered that the php_parserr function contains multiple buffer
overflows. An attacker could use this flaw to cause a denial of service
or possibly execute arbitrary code via crafted DNS records. (CVE-2014-3597)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.04 | noarch | libapache2-mod-php5 | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libapache2-mod-php5filter | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libphp5-embed | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-cgi | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-cli | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-common | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-curl | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-dbg | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-dev | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
| Ubuntu | 14.04 | noarch | php5-enchant | < 5.5.9+dfsg-1ubuntu4.4 | UNKNOWN |
Related
securityvulns
securityvulns
[USN-2344-1] PHP vulnerabilities
2014-09-15 00:00:00
PHP security vulnerabilities
2014-09-15 00:00:00
[ MDVSA-2014:167 ] file
2014-09-03 00:00:00
kitploit
kitploit
Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities
2019-05-21 21:17:00
nessus
nessus
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2344-1)
2014-09-10 00:00:00
Ubuntu 14.04 LTS : file vulnerability (USN-2369-1)
2014-10-03 00:00:00
Mandriva Linux Security Advisory : file (MDVSA-2014:167)
2014-09-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2344-1)
2014-09-10 00:00:00
PHP Multiple Vulnerabilities - 01 (Aug 2014)
2014-08-25 00:00:00
Mageia: Security Advisory (MGASA-2014-0367)
2022-01-28 00:00:00
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated file packages fix CVE-2014-3587
2014-08-27 03:04:56
checkpoint_advisories
checkpoint_advisories
PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587)
2014-10-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:19
Arbitrary Code Execution
2019-05-02 05:04:19
Denial Of Service (DoS)
2019-05-02 05:04:17
ubuntu
ubuntu
file vulnerability
2014-10-03 00:00:00
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2016:0760) Moderate: file security, bug fix, and enhancement update
2016-05-10 06:42:18
debian
debian
[SECURITY] [DLA 67-1] php5 security update
2014-09-30 07:46:52
[SECURITY] [DSA 3008-2] php5 regression update
2014-08-21 12:39:59
[SECURITY] [DSA 3008-1] php5 security update
2014-08-21 06:22:21
osv
osv
php5 - security update
2014-09-30 00:00:00
php5 - security update
2014-08-21 00:00:00
file - security update
2014-09-10 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
file, python security update
2016-05-16 10:13:44
fedora
fedora
[SECURITY] Fedora 20 Update: php-5.5.16-1.fc20
2014-09-02 06:40:37
[SECURITY] Fedora 19 Update: php-5.5.16-1.fc19
2014-09-02 06:47:45
[SECURITY] Fedora 20 Update: file-5.19-7.fc20
2014-10-29 11:03:54
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2014-3587
2014-08-22 00:00:00
CVE-2014-3597
2014-08-22 00:00:00
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
prion
prion
Buffer overflow
2014-08-23 01:55:00
Integer overflow
2014-08-23 01:55:00
cve
cve
CVE-2014-3597
2014-08-23 01:55:00
CVE-2014-3587
2014-08-23 01:55:00
debiancve
debiancve
CVE-2014-3587
2014-08-23 01:55:00
amazon
amazon
Medium: file
2014-09-03 14:38:00
Medium: php55
2014-09-18 21:03:00
ibm
ibm
f5
f5
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
suse
suse
Security update for php53 (important)
2016-09-16 21:09:09
Security update for php5 (important)
2016-10-04 17:11:09
Security update for php5 (important)
2016-09-28 15:09:48
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
9.8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.08 Low
EPSS
Percentile
94.2%
Related for USN-2344-1