Vulnerability & Exploit Database

Back to search

PHP Vulnerability: CVE-2014-9705

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:P/I:P/A:P) March 30, 2015 April 27, 2015 January 08, 2018

Description

Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

php-upgrade-5_4_38

Related Vulnerabilities