CVE-2014-4698
php: ArrayIterator use-after-free due to object change during sorting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.
Vulnerabilidad de uso después de liberación en ext/spl/spl_array.c en el componente SPL en PHP hasta 5.5.14 permite a atacantes dependientes de contexto causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de el uso manipulado de ArrayIterator dentro de aplicaciones en ciertos entornos de alojamiento de web.
A use-after-free flaw was found in the way PHP handled certain ArrayIterators. A malicious script author could possibly use this flaw to disclose certain portions of server memory.
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments. Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments. file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. The updated php packages have been upgraded to the 5.5.15 version and patched to resolve these security flaws. Additionally, the jsonc extension has been upgraded to the 1.3.6 version and the PECL packages which requires so has been rebuilt for php-5.5.15.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-06-30 CVE Reserved
- 2014-07-09 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/54553 | Broken Link | |
| http://secunia.com/advisories/59831 | Broken Link | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21683486 | Third Party Advisory | |
| http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html | Third Party Advisory |
|
| https://support.apple.com/HT204659 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.4.0 < 5.4.32 Search vendor "Php" for product "Php" and version " >= 5.4.0 < 5.4.32" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.5.0 < 5.5.15 Search vendor "Php" for product "Php" and version " >= 5.5.0 < 5.5.15" | - |
Affected
| ||||||