CVE-2014-3597
php: multiple buffer over-reads in php_parserr
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
Múltiples desbordamientos de buffer en la función php_parserr en ext/standard/dns.c en PHP anterior a 5.4.32 y 5.5.x anterior a 5.5.16 permiten a servidores DNS remotos causar una denegación de servicio (la caída de la aplicación) o posiblemente ejecutar código arbitrario a través de un registro DNS manipulado, relacionado con la función dns_get_record y la función dn_expand. NOTA: este problema existe debido a una solución incompleta para CVE-2014-4049.
Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to crash a PHP application that used the dns_get_record() function to perform a DNS query.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash. Multiple flaws were found in the File Information extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-05-14 CVE Reserved
- 2014-08-21 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-16 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-125: Out-of-bounds Read
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://php.net/ChangeLog-5.php | X_refsource_confirm | |
| http://secunia.com/advisories/60609 | Third Party Advisory | |
| http://secunia.com/advisories/60696 | Third Party Advisory | |
| http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/69322 | Vdb Entry | |
| https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05 | X_refsource_confirm | |
| https://security-tracker.debian.org/tracker/CVE-2014-3597 | X_refsource_confirm | |
| https://support.apple.com/HT204659 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html | 2017-01-07 | |
| http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html | 2017-01-07 | |
| http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html | 2017-01-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-1326.html | 2017-01-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-1327.html | 2017-01-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-1765.html | 2017-01-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-1766.html | 2017-01-07 | |
| http://www.debian.org/security/2014/dsa-3008 | 2017-01-07 | |
| http://www.ubuntu.com/usn/USN-2344-1 | 2017-01-07 | |
| https://bugs.php.net/bug.php?id=67717 | 2017-01-07 | |
| https://access.redhat.com/security/cve/CVE-2014-3597 | 2014-10-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1132589 | 2014-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | <= 5.4.31 Search vendor "Php" for product "Php" and version " <= 5.4.31" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | beta2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | beta2, 32-bit |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.1 Search vendor "Php" for product "Php" and version "5.4.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.2 Search vendor "Php" for product "Php" and version "5.4.2" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.3 Search vendor "Php" for product "Php" and version "5.4.3" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.4 Search vendor "Php" for product "Php" and version "5.4.4" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.5 Search vendor "Php" for product "Php" and version "5.4.5" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.6 Search vendor "Php" for product "Php" and version "5.4.6" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.7 Search vendor "Php" for product "Php" and version "5.4.7" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.8 Search vendor "Php" for product "Php" and version "5.4.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.9 Search vendor "Php" for product "Php" and version "5.4.9" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.10 Search vendor "Php" for product "Php" and version "5.4.10" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.11 Search vendor "Php" for product "Php" and version "5.4.11" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.13 Search vendor "Php" for product "Php" and version "5.4.13" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.13 Search vendor "Php" for product "Php" and version "5.4.13" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.14 Search vendor "Php" for product "Php" and version "5.4.14" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.14 Search vendor "Php" for product "Php" and version "5.4.14" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.15 Search vendor "Php" for product "Php" and version "5.4.15" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.15 Search vendor "Php" for product "Php" and version "5.4.15" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.16 Search vendor "Php" for product "Php" and version "5.4.16" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.17 Search vendor "Php" for product "Php" and version "5.4.17" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.18 Search vendor "Php" for product "Php" and version "5.4.18" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.19 Search vendor "Php" for product "Php" and version "5.4.19" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.20 Search vendor "Php" for product "Php" and version "5.4.20" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.21 Search vendor "Php" for product "Php" and version "5.4.21" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.22 Search vendor "Php" for product "Php" and version "5.4.22" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.23 Search vendor "Php" for product "Php" and version "5.4.23" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.24 Search vendor "Php" for product "Php" and version "5.4.24" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.25 Search vendor "Php" for product "Php" and version "5.4.25" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.26 Search vendor "Php" for product "Php" and version "5.4.26" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.27 Search vendor "Php" for product "Php" and version "5.4.27" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.28 Search vendor "Php" for product "Php" and version "5.4.28" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.29 Search vendor "Php" for product "Php" and version "5.4.29" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.30 Search vendor "Php" for product "Php" and version "5.4.30" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha3 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha4 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha5 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha6 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta3 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta4 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.1 Search vendor "Php" for product "Php" and version "5.5.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.2 Search vendor "Php" for product "Php" and version "5.5.2" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.3 Search vendor "Php" for product "Php" and version "5.5.3" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.4 Search vendor "Php" for product "Php" and version "5.5.4" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.5 Search vendor "Php" for product "Php" and version "5.5.5" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.6 Search vendor "Php" for product "Php" and version "5.5.6" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.7 Search vendor "Php" for product "Php" and version "5.5.7" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.8 Search vendor "Php" for product "Php" and version "5.5.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.9 Search vendor "Php" for product "Php" and version "5.5.9" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.10 Search vendor "Php" for product "Php" and version "5.5.10" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.11 Search vendor "Php" for product "Php" and version "5.5.11" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.12 Search vendor "Php" for product "Php" and version "5.5.12" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.13 Search vendor "Php" for product "Php" and version "5.5.13" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.14 Search vendor "Php" for product "Php" and version "5.5.14" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.15 Search vendor "Php" for product "Php" and version "5.5.15" | - |
Affected
| ||||||