Novell Home

CVE-2014-4670

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-4670 at MITRE

Description

Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 886059

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP3
  • php53-devel >= 5.3.17-0.27.1
  • php53-imap >= 5.3.17-0.27.1
  • php53-posix >= 5.3.17-0.27.1
  • php53-readline >= 5.3.17-0.27.1
  • php53-sockets >= 5.3.17-0.27.1
  • php53-sqlite >= 5.3.17-0.27.1
  • php53-tidy >= 5.3.17-0.27.1
Builds
SAT Patch Nr: 9537
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • apache2-mod_php53 >= 5.3.17-0.27.1
  • php53 >= 5.3.17-0.27.1
  • php53-bcmath >= 5.3.17-0.27.1
  • php53-bz2 >= 5.3.17-0.27.1
  • php53-calendar >= 5.3.17-0.27.1
  • php53-ctype >= 5.3.17-0.27.1
  • php53-curl >= 5.3.17-0.27.1
  • php53-dba >= 5.3.17-0.27.1
  • php53-dom >= 5.3.17-0.27.1
  • php53-exif >= 5.3.17-0.27.1
  • php53-fastcgi >= 5.3.17-0.27.1
  • php53-fileinfo >= 5.3.17-0.27.1
  • php53-ftp >= 5.3.17-0.27.1
  • php53-gd >= 5.3.17-0.27.1
  • php53-gettext >= 5.3.17-0.27.1
  • php53-gmp >= 5.3.17-0.27.1
  • php53-iconv >= 5.3.17-0.27.1
  • php53-intl >= 5.3.17-0.27.1
  • php53-json >= 5.3.17-0.27.1
  • php53-ldap >= 5.3.17-0.27.1
  • php53-mbstring >= 5.3.17-0.27.1
  • php53-mcrypt >= 5.3.17-0.27.1
  • php53-mysql >= 5.3.17-0.27.1
  • php53-odbc >= 5.3.17-0.27.1
  • php53-openssl >= 5.3.17-0.27.1
  • php53-pcntl >= 5.3.17-0.27.1
  • php53-pdo >= 5.3.17-0.27.1
  • php53-pear >= 5.3.17-0.27.1
  • php53-pgsql >= 5.3.17-0.27.1
  • php53-pspell >= 5.3.17-0.27.1
  • php53-shmop >= 5.3.17-0.27.1
  • php53-snmp >= 5.3.17-0.27.1
  • php53-soap >= 5.3.17-0.27.1
  • php53-suhosin >= 5.3.17-0.27.1
  • php53-sysvmsg >= 5.3.17-0.27.1
  • php53-sysvsem >= 5.3.17-0.27.1
  • php53-sysvshm >= 5.3.17-0.27.1
  • php53-tokenizer >= 5.3.17-0.27.1
  • php53-wddx >= 5.3.17-0.27.1
  • php53-xmlreader >= 5.3.17-0.27.1
  • php53-xmlrpc >= 5.3.17-0.27.1
  • php53-xmlwriter >= 5.3.17-0.27.1
  • php53-xsl >= 5.3.17-0.27.1
  • php53-zip >= 5.3.17-0.27.1
  • php53-zlib >= 5.3.17-0.27.1
Builds
SAT Patch Nr: 9537

© 2014 Novell