WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Other Vulnerability (CVE-2014-4698)

Description

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

Remediation

References

Related Vulnerabilities

WordPress Plugin PhotoSmash Galleries Arbitrary File Upload (1.0.7)

WordPress Plugin Contact Form 7 Arbitrary File Upload (5.3.1)

MySQL CVE-2013-1570 Vulnerability (CVE-2013-1570)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.2)

WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18)

Severity

Medium

Classification

CVE-2014-4698

Tags

Missing Update Known Vulnerabilities