CVE-2014-3515
Advisory lineage Upstream: 0 Downstream: 11
Modified
Published: 09 Jul 2014, 10:00
Last modified:06 Aug 2024, 10:43
Vulnerability Summary
Overall Risk (default)
medium
40/100 CVSS Score
7.5 HIGH
v2.0 (nvd)
EPSS Score
48.66% HIGH
49% probability -12.13%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
09 Jul 2014, 10:00
Published
Vulnerability first disclosed
06 Aug 2024, 10:43
Last Modified
Vulnerability information updated
Description
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage.
CVSS Metrics
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 48.66%• Percentile: 98%
Affected Systems
- debian•debian_linux
7.0 | 8.0
- Unknown•PHP
< 5.3.29 | ≥ 5.4.0, < 5.4.30 | ≥ 5.5.0, < 5.5.14
References (15)
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88223c5245e9b470e1e6362bfd96829562ffe6ab
- http://www-01.ibm.com/support/docview.wss?uid=swg21683486
- http://rhn.redhat.com/errata/RHSA-2014-1766.html
- https://bugs.php.net/bug.php?id=67492
- http://marc.info/?l=bugtraq&m=141017844705317&w=2
- http://www.debian.org/security/2014/dsa-2974
- http://secunia.com/advisories/59794
- http://www.php.net/ChangeLog-5.php
- http://secunia.com/advisories/60998
- http://support.apple.com/kb/HT6443
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
- http://rhn.redhat.com/errata/RHSA-2014-1765.html
- http://www.securityfocus.com/bid/68237
- http://secunia.com/advisories/59831
- http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html