Lucene search
Ubuntu.comUB:CVE-2014-2020HistoryFeb 18, 2014 - 12:00 a.m.
CVE-2014-2020
2014-02-1800:00:00
ubuntu.com
ubuntu.com
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which
might allow remote attackers to obtain sensitive information by using a (1)
string or (2) array data type in place of a numeric data type, as
demonstrated by an imagecrop function call with a string for the x
dimension value, a different vulnerability than CVE-2013-7226.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | imagecrop was introduced in 5.5.0 |
Related
cve
cve
prion
prion
Design/Logic Flaw
2014-02-18 11:55:00
Integer overflow
2014-02-18 11:55:00
Null pointer dereference
2014-02-18 11:55:00
f5
f5
SOL15648 - PHP vulnerability CVE-2014-2020
2014-10-02 00:00:00
K15648 : PHP vulnerability CVE-2014-2020
2014-10-02 00:00:00
SOL15653 - Multiple PHP vulnerabilities
2014-10-02 00:00:00
seebug
seebug
PHP 'ext/gd/gd.c'俥ćŻćłćźćźć´
2014-02-20 00:00:00
hackerone
hackerone
Internet Bug Bounty: PHP Heap Overflow Vulnerability in imagecrop()
2013-12-27 02:57:00
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2014:027)
2014-02-13 00:00:00
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
2014-02-14 00:00:00
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
2014-02-14 00:00:00
ubuntucve
ubuntucve
openvas
openvas
PHP Multiple Vulnerabilities - 01 (May 2014)
2014-05-09 00:00:00
Ubuntu Update for php5 USN-2126-1
2014-03-04 00:00:00
Ubuntu: Security Advisory (USN-2126-1)
2014-03-04 00:00:00
securityvulns
securityvulns
USN-2126-1] PHP vulnerabilities
2014-03-13 00:00:00
PHP multiple security vulnerabilities
2014-03-18 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2014-03-03 00:00:00
amazon
amazon
Important: php55
2014-03-24 23:37:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
Related for UB:CVE-2014-2020