cve-2014-3515
Vulnerability from cvelistv5
Published
2014-07-09 10:00
Modified
2024-08-06 10:43
Severity ?
Summary
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage.
References
secalert@redhat.comhttp://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2014-09/msg00046.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=141017844705317&w=2Mailing List, Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=141017844705317&w=2Mailing List, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-1765.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-1766.htmlThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/59794Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/59831Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/60998Third Party Advisory
secalert@redhat.comhttp://support.apple.com/kb/HT6443Third Party Advisory
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21683486Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2974Third Party Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlThird Party Advisory
secalert@redhat.comhttp://www.php.net/ChangeLog-5.phpVendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/68237Third Party Advisory, VDB Entry
secalert@redhat.comhttps://bugs.php.net/bug.php?id=67492Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141017844705317&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141017844705317&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1765.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1766.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59794Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59831Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60998Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6443Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21683486Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2974Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.php.net/ChangeLog-5.phpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/68237Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugs.php.net/bug.php?id=67492Patch, Vendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:43:06.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683486"
          },
          {
            "name": "RHSA-2014:1766",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.php.net/bug.php?id=67492"
          },
          {
            "name": "HPSBUX03102",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "name": "DSA-2974",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2974"
          },
          {
            "name": "59794",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59794"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "name": "60998",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60998"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6443"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "name": "RHSA-2014:1765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
          },
          {
            "name": "SSRT101681",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
          },
          {
            "name": "68237",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68237"
          },
          {
            "name": "59831",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59831"
          },
          {
            "name": "openSUSE-SU-2014:1236",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to \"type confusion\" issues in (1) ArrayObject and (2) SPLObjectStorage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683486"
        },
        {
          "name": "RHSA-2014:1766",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.php.net/bug.php?id=67492"
        },
        {
          "name": "HPSBUX03102",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "name": "DSA-2974",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2974"
        },
        {
          "name": "59794",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59794"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "name": "60998",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60998"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6443"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
        },
        {
          "name": "RHSA-2014:1765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
        },
        {
          "name": "SSRT101681",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
        },
        {
          "name": "68237",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68237"
        },
        {
          "name": "59831",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59831"
        },
        {
          "name": "openSUSE-SU-2014:1236",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-3515",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to \"type confusion\" issues in (1) ArrayObject and (2) SPLObjectStorage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.php.net/?p=php-src.git;a=commit;h=88223c5245e9b470e1e6362bfd96829562ffe6ab",
              "refsource": "CONFIRM",
              "url": "http://git.php.net/?p=php-src.git;a=commit;h=88223c5245e9b470e1e6362bfd96829562ffe6ab"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683486",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683486"
            },
            {
              "name": "RHSA-2014:1766",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
            },
            {
              "name": "https://bugs.php.net/bug.php?id=67492",
              "refsource": "CONFIRM",
              "url": "https://bugs.php.net/bug.php?id=67492"
            },
            {
              "name": "HPSBUX03102",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "DSA-2974",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2974"
            },
            {
              "name": "59794",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59794"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php"
            },
            {
              "name": "60998",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60998"
            },
            {
              "name": "http://support.apple.com/kb/HT6443",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6443"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
            },
            {
              "name": "RHSA-2014:1765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
            },
            {
              "name": "SSRT101681",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2"
            },
            {
              "name": "68237",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68237"
            },
            {
              "name": "59831",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59831"
            },
            {
              "name": "openSUSE-SU-2014:1236",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-3515",
    "datePublished": "2014-07-09T10:00:00",
    "dateReserved": "2014-05-14T00:00:00",
    "dateUpdated": "2024-08-06T10:43:06.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3515\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-07-09T11:07:01.883\",\"lastModified\":\"2024-11-21T02:08:16.927\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to \\\"type confusion\\\" issues in (1) ArrayObject and (2) SPLObjectStorage.\"},{\"lang\":\"es\",\"value\":\"El componente SPL en PHP anterior a 5.4.30 y 5.5.x anterior a 5.5.14 anticipa incorrectamente que ciertas estructuras de datos tendr\u00e1n el tipo de datos array despu\u00e9s de deserializaci\u00f3n, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena manipulada que provoca el uso de un destructor Hashtable, relacionado con problemas de \u0027confusi\u00f3n de tipos\u0027 en (1) ArrayObject y (2) SPLObjectStorage.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.3.29\",\"matchCriteriaId\":\"388E0CDF-737F-437E-B4D9-1001E0651387\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4.0\",\"versionEndExcluding\":\"5.4.30\",\"matchCriteriaId\":\"AD052020-AA37-4F49-A0FE-EA99616C12C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.5.14\",\"matchCriteriaId\":\"4ADC6057-9D35-4D87-B15D-F6F52A283464\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1765.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1766.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59794\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59831\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60998\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6443\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21683486\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2974\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/68237\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.php.net/bug.php?id=67492\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=141017844705317\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1765.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1766.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59831\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/60998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT6443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21683486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-5.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/68237\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.php.net/bug.php?id=67492\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.