NVD

Id
32619  
Name
CVE-2014-4670  
Description
Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-07-10  
Modified Date
2017-01-06  
Seq
2014-4670  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
171807 32619 CVE-2014-4670 APPLE-SA-2015-04-08-2  View
171808 32619 CVE-2014-4670 openSUSE-SU-2014:0945  View
171809 32619 CVE-2014-4670 openSUSE-SU-2014:1236  View
171810 32619 CVE-2014-4670 RHSA-2014:1326  View
171811 32619 CVE-2014-4670 RHSA-2014:1327  View
171812 32619 CVE-2014-4670 RHSA-2014:1765  View
171813 32619 CVE-2014-4670 RHSA-2014:1766  View
171814 32619 CVE-2014-4670 54553  View
171815 32619 CVE-2014-4670 60696  View
171816 32619 CVE-2014-4670 http://www-01.ibm.com/support/docview.wss?uid=swg21683486  View
171817 32619 CVE-2014-4670 DSA-3008  View
171818 32619 CVE-2014-4670 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html  View
171819 32619 CVE-2014-4670 https://bugs.php.net/bug.php?id=67538  View
171820 32619 CVE-2014-4670 https://support.apple.com/HT204659  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14426 JVNDB-2014-003301 PHP の SPL コンポーネントの ext/spl/spl_dllist.c におけるサービス運用妨害 (DoS) の脆弱性 PHP の SPL コンポーネントの ext/spl/spl_dllist.c には、解放済みメモリの使用 (Use-after-free) により、サービス運用妨害 (DoS) 状態にされるなど、不特定の影響を受ける脆弱性が存在します。 CVE-2014-4670 71959 CVE-2014-4670 32619 4.6 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003301.html 2014-06-29 2015-04-10 View