CVE-2014-9705
Description
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
35.164
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.3 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.2 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.1 Update | Mac |
| Php55 update (ELSA-2015-1053) php55-2.0-1.el6.x86_64.rpm | Linux |
| Php55-php update (ELSA-2015-1053) php55-php-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-bcmath update (ELSA-2015-1053) php55-php-bcmath-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-cli update (ELSA-2015-1053) php55-php-cli-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-common update (ELSA-2015-1053) php55-php-common-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-dba update (ELSA-2015-1053) php55-php-dba-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-devel update (ELSA-2015-1053) php55-php-devel-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-enchant update (ELSA-2015-1053) php55-php-enchant-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-fpm update (ELSA-2015-1053) php55-php-fpm-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-gd update (ELSA-2015-1053) php55-php-gd-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-gmp update (ELSA-2015-1053) php55-php-gmp-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-imap update (ELSA-2015-1053) php55-php-imap-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-intl update (ELSA-2015-1053) php55-php-intl-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-ldap update (ELSA-2015-1053) php55-php-ldap-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-mbstring update (ELSA-2015-1053) php55-php-mbstring-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-mysqlnd update (ELSA-2015-1053) php55-php-mysqlnd-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-odbc update (ELSA-2015-1053) php55-php-odbc-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-opcache update (ELSA-2015-1053) php55-php-opcache-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-pdo update (ELSA-2015-1053) php55-php-pdo-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-pgsql update (ELSA-2015-1053) php55-php-pgsql-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-process update (ELSA-2015-1053) php55-php-process-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-pspell update (ELSA-2015-1053) php55-php-pspell-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-recode update (ELSA-2015-1053) php55-php-recode-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-snmp update (ELSA-2015-1053) php55-php-snmp-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-soap update (ELSA-2015-1053) php55-php-soap-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-tidy update (ELSA-2015-1053) php55-php-tidy-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-xml update (ELSA-2015-1053) php55-php-xml-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-php-xmlrpc update (ELSA-2015-1053) php55-php-xmlrpc-5.5.21-2.0.1.el6.x86_64.rpm | Linux |
| Php55-runtime update (ELSA-2015-1053) php55-runtime-2.0-1.el6.x86_64.rpm | Linux |
| Php55-scldevel update (ELSA-2015-1053) php55-scldevel-2.0-1.el6.x86_64.rpm | Linux |
| Php55 update (ELSA-2015-1053) php55-2.0-1.el7.x86_64.rpm | Linux |
| Php55-runtime update (ELSA-2015-1053) php55-runtime-2.0-1.el7.x86_64.rpm | Linux |
| Php55-scldevel update (ELSA-2015-1053) php55-scldevel-2.0-1.el7.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234