Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2014-9705
StatusCandidate
DescriptionHeap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.
Severity
High
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseAssigned (09.10.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705
ReferencesSECTRACK : 1031948
 DEBIAN : DSA-3195
 CONFIRM : http://php.net/ChangeLog-5.php
 CONFIRM : http://svn.php.net/viewvc/pecl/enchant/trunk/encha...
 CONFIRM : https://bugs.php.net/bug.php?id=68552
 MISC : https://www.htbridge.com/advisory/HTB23252
 MANDRIVA : MDVSA-2015:079
 SUSE : openSUSE-SU-2015:0644
 UBUNTU : USN-2535-1
 MLIST : [oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog
SecurityVulns:PHP multiple security vulnerabilities
 Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod