Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2014-3622

UNKNOWN
Published 2020-02-19T12:46:23
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2014-3622. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

PHP

PHP

Affected Versions:

5.6.x before 5.6.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-9whx-7f88-q2wx

Advisory Details

Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2014-3622
WEB https://bugs.php.net/bug.php?id=68088
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1151423
WEB http://php.net/ChangeLog-5.php

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022

References

http://php.net/ChangeLog-5.php
https://bugzilla.redhat.com/show_bug.cgi?id=1151423
https://bugs.php.net/bug.php?id=68088
Published: 2020-02-19T12:46:23
Last Modified: 2024-08-06T10:50:17.792Z
Copied to clipboard!