Web application abuses : PHP Multiple Use-After-Free Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.804682

Categoría: Web application abuses

Título: PHP Multiple Use-After-Free Vulnerabilities - Jul14

Resumen: PHP is prone to multiple use-after-free vulnerabilities.

Descripción: Summary:
PHP is prone to multiple use-after-free vulnerabilities.

Vulnerability Insight:
The flaws are due to an use-after-free error related to SPL iterators
and ArrayIterators.

Vulnerability Impact:
Successful exploitation will allow remote attackers to conduct denial of
service attacks or possibly have some other unspecified impact.

Affected Software/OS:
PHP version 5.x through 5.5.14

Solution:
Apply the updates/patches from the referenced links.

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 68511
BugTraq ID: 68513
Common Vulnerability Exposure (CVE) ID: CVE-2014-4698
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
RedHat Security Advisories: RHSA-2014:1326
http://rhn.redhat.com/errata/RHSA-2014-1326.html
RedHat Security Advisories: RHSA-2014:1327
http://rhn.redhat.com/errata/RHSA-2014-1327.html
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RedHat Security Advisories: RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://secunia.com/advisories/54553
http://secunia.com/advisories/59831
SuSE Security Announcement: openSUSE-SU-2014:0945 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html
SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4670
Debian Security Information: DSA-3008 (Google Search)
http://www.debian.org/security/2014/dsa-3008
http://secunia.com/advisories/60696

Copyright Copyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.804682
Categoría:	Web application abuses
Título:	PHP Multiple Use-After-Free Vulnerabilities - Jul14
Resumen:	PHP is prone to multiple use-after-free vulnerabilities.
Descripción:	Summary: PHP is prone to multiple use-after-free vulnerabilities. Vulnerability Insight: The flaws are due to an use-after-free error related to SPL iterators and ArrayIterators. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service attacks or possibly have some other unspecified impact. Affected Software/OS: PHP version 5.x through 5.5.14 Solution: Apply the updates/patches from the referenced links. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	BugTraq ID: 68511 BugTraq ID: 68513 Common Vulnerability Exposure (CVE) ID: CVE-2014-4698 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html RedHat Security Advisories: RHSA-2014:1326 http://rhn.redhat.com/errata/RHSA-2014-1326.html RedHat Security Advisories: RHSA-2014:1327 http://rhn.redhat.com/errata/RHSA-2014-1327.html RedHat Security Advisories: RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html RedHat Security Advisories: RHSA-2014:1766 http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/54553 http://secunia.com/advisories/59831 SuSE Security Announcement: openSUSE-SU-2014:0945 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4670 Debian Security Information: DSA-3008 (Google Search) http://www.debian.org/security/2014/dsa-3008 http://secunia.com/advisories/60696
Copyright	Copyright (C) 2014 Greenbone Networks GmbH