Lucene search
F5SOL17313HistorySep 23, 2015 - 12:00 a.m.
SOL17313 - PHP vulnerability CVE-2014-4721
2015-09-2300:00:00
support.f5.com
87
0.007 Low
EPSS
Percentile
81.1%
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a “type confusion” vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php. (CVE-2014-4721)
Related
f5
f5
K17313 : PHP vulnerability CVE-2014-4721
2015-10-06 00:00:00
nvd
nvd
CVE-2014-4721
2014-07-06 23:55:02
cvelist
cvelist
CVE-2014-4721
2014-07-06 23:00:00
ubuntucve
ubuntucve
CVE-2014-4721
2014-07-06 00:00:00
cve
cve
CVE-2014-4721
2014-07-06 23:55:02
veracode
veracode
Information Disclosure
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:16
Denial Of Service (DoS)
2019-05-02 05:04:17
openvas
openvas
PHP Information Disclosure Vulnerability - 01 (Sep 2014)
2014-09-22 00:00:00
F5 BIG-IP - PHP vulnerability CVE-2014-4721
2015-09-25 00:00:00
Debian: Security Advisory (DLA-0018-1)
2023-03-08 00:00:00
kaspersky
kaspersky
KLA10289 OSI vulnerability in PHP
2014-07-06 00:00:00
nessus
nessus
F5 Networks BIG-IP : PHP vulnerability (SOL17313)
2015-09-24 00:00:00
openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
2014-07-31 00:00:00
openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
2014-07-31 00:00:00
prion
prion
Type confusion
2014-07-06 23:55:00
ibm
ibm
debian
debian
[DLA-0018-1] php5 security update
2014-07-23 19:10:58
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:34:45
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:34:45
osv
osv
php5 - security update
2014-07-23 00:00:00
php5 - security update
2014-07-08 00:00:00
mageia
mageia
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
securityvulns
securityvulns
[USN-2276-1] PHP vulnerabilities
2014-07-14 00:00:00
file / PHP multiple security vulnerabilities
2014-07-14 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2014-07-09 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
php, php53 security update
2014-08-06 14:53:37
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
oraclelinux
oraclelinux
php security update
2014-08-06 00:00:00
php53 and php security update
2014-08-06 00:00:00
suse
suse
Security update for php53 (important)
2016-06-21 13:08:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45