Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-4049
HistoryJun 18, 2014 - 7:55 p.m.

CVE-2014-4049

2014-06-1819:55:05
CWE-119
[email protected]
web.nvd.nist.gov
112
4
cve-2014-4049
information security
buffer overflow
php
dns
denial of service
remote code execution

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.948 High

EPSS

Percentile

99.3%

JSON

Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.

Affected configurations

NVD
Node
opensuseopensuseMatch11.3
Node
phpphpRange5.3.05.3.29
OR
phpphpRange5.4.05.4.30
OR
phpphpRange5.5.05.5.14
OR
phpphpMatch5.6.0alpha1
OR
phpphpMatch5.6.0alpha2
OR
phpphpMatch5.6.0alpha3
OR
phpphpMatch5.6.0alpha4
OR
phpphpMatch5.6.0alpha5
OR
phpphpMatch5.6.0beta1
OR
phpphpMatch5.6.0beta2
OR
phpphpMatch5.6.0beta3
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
CPENameOperatorVersion
opensuse:opensuseopensuseeq11.3

References

Social References

More

Related

openvas 41
osv 4
debian 9
checkpoint_advisories 1
prion 2
veracode 4
nvd 2
nessus 37
ubuntucve 2
cvelist 2
cve 1
suse 5
securityvulns 5
ibm 5
ubuntu 2
mageia 3
f5 4
oraclelinux 5
freebsd 1
amazon 3
slackware 1
centos 2
redhat 4
gentoo 1
rosalinux 1
openvas
openvas
Debian Security Advisory DSA 2961-1 (php5 - security update)
2014-06-16 00:00:00
Debian: Security Advisory (DLA-0010-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-2961-1)
2014-06-15 00:00:00
osv
osv
php5 - security update
2014-06-27 00:00:00
php5 - security update
2014-06-16 00:00:00
php5 - security update
2014-08-21 00:00:00
debian
debian
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
php5 security update
2014-06-27 11:30:03
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
checkpoint_advisories
checkpoint_advisories
PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)
2014-07-16 00:00:00
prion
prion
Heap overflow
2014-06-18 19:55:00
Buffer overflow
2014-08-23 01:55:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
nvd
nvd
CVE-2014-4049
2014-06-18 19:55:05
CVE-2014-3597
2014-08-23 01:55:02
nessus
nessus
Debian DSA-2961-1 : php5 - security update
2014-06-17 00:00:00
openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)
2014-06-26 00:00:00
SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)
2015-05-20 00:00:00
ubuntucve
ubuntucve
CVE-2014-4049
2014-06-18 00:00:00
CVE-2014-3597
2014-08-22 00:00:00
cvelist
cvelist
CVE-2014-4049
2014-06-18 19:00:00
CVE-2014-3597
2014-08-23 01:00:00
cve
cve
CVE-2014-3597
2014-08-23 01:55:02
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-07 19:04:42
Security update for php53 (important)
2014-07-04 01:04:18
securityvulns
securityvulns
PHP security vulnerabilities
2014-06-17 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2014-09-21 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
Security Bulletin: Multiple vulnerabilities in PHP as used by IBM QRadar Incident Forensics 7.2 MR2. (CVE-2014-3515, CVE-2014-4049, CVE-2014-3981, CVE-2014-0238, CVE-2014-0237, CVE-2014-4721)
2018-06-16 21:19:23
ubuntu
ubuntu
PHP updates
2014-06-25 00:00:00
PHP vulnerabilities
2014-06-23 00:00:00
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
f5
f5
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-08-06 00:00:00
php security update
2014-09-30 00:00:00
freebsd
freebsd
PHP multiple vulnerabilities
2014-08-14 00:00:00
amazon
amazon
Medium: php
2014-08-21 11:15:00
Medium: php55
2014-07-09 16:42:00
Medium: php54
2014-07-09 16:24:00
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
centos
centos
php security update
2014-08-06 14:38:20
php, php53 security update
2014-08-06 14:53:37
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.948 High

EPSS

Percentile

99.3%

JSON
Related for CVE-2014-4049
openvas41osv4debian9checkpoint_advisories1prion2veracode4nvd2nessus37ubuntucve2cvelist2cve1suse5securityvulns5ibm5ubuntu2mageia3f54oraclelinux5freebsd1amazon3slackware1centos2redhat4gentoo1rosalinux1