CVE-2014-9705
PHP < 5.4.37 - Heap-based Buffer Overflow in enchant_broker_request_dict
Title source: manual
Description
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.
References (23)
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3195
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2535-1
Mailing List vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=144050155601375&w=2
Exploit x_refsource_confirm
https://bugs.php.net/bug.php?id=68552
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html
Exploit x_refsource_misc
https://www.htbridge.com/advisory/HTB23252
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
Mailing List vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=143748090628601&w=2
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2015:079
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
Various Sources x_refsource_confirm
http://php.net/ChangeLog-5.php
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html
Various Sources x_refsource_confirm
http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205267
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1053.html
Mailing List mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2015/03/15/6
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73031
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031948
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201606-10
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1135.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1066.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1218.html
Scores
EPSS
0.2697
EPSS Percentile
96.4%
Details
CWE
CWE-119
Status
published
Products (29)
php/php 5.5.0 (13 CPE variants)
php/php 5.5.1
php/php 5.5.2
php/php 5.5.3
php/php 5.5.4
php/php 5.5.5
php/php 5.5.6
php/php 5.5.7
php/php 5.5.8
php/php 5.5.9
... and 19 more
Published
Mar 30, 2015
Tracked Since
Feb 18, 2026