VulnerableCode Vulnerability Details

System	Score	Found at
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
epss	0.08338	https://api.first.org/data/v1/epss?cve=CVE-2014-5120
cvssv2	6.4	https://nvd.nist.gov/vuln/detail/CVE-2014-5120

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-5120

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vulnerability ID	VCID-5xgj-hjsk-r3h5
Aliases	CVE-2014-5120
Summary	Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to remote execution of arbitrary code.
Status	Published
Exploitability	0.5
Weighted Severity	5.8
Risk	2.9
Affected and Fixed Packages	Package Details

CWE-626	Null Byte Interaction Error (Poison Null Byte)
CWE-20	Improper Input Validation

Percentile	0.92254
EPSS Score	0.08338
Published At	April 1, 2026, 12:55 p.m.

Reference id	Reference type	URL
		http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
		http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html
		http://php.net/ChangeLog-5.php
		http://rhn.redhat.com/errata/RHSA-2014-1327.html
		http://rhn.redhat.com/errata/RHSA-2014-1765.html
		http://rhn.redhat.com/errata/RHSA-2014-1766.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5120.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-5120
		https://bugs.php.net/bug.php?id=67730
		https://support.apple.com/HT204659
		http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
1132793		https://bugzilla.redhat.com/show_bug.cgi?id=1132793
cpe:2.3:a:php:php:5.4.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*
cpe:2.3:a:php:php:5.4.0:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2::::::
cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*
cpe:2.3:a:php:php:5.4.0:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2::::::
cpe:2.3:a:php:php:5.4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*
cpe:2.3:a:php:php:5.4.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*
cpe:2.3:a:php:php:5.4.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*
cpe:2.3:a:php:php:5.4.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*
cpe:2.3:a:php:php:5.4.12:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1::::::
cpe:2.3:a:php:php:5.4.12:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2::::::
cpe:2.3:a:php:php:5.4.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*
cpe:2.3:a:php:php:5.4.13:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1::::::
cpe:2.3:a:php:php:5.4.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*
cpe:2.3:a:php:php:5.4.14:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1::::::
cpe:2.3:a:php:php:5.4.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:::::::*
cpe:2.3:a:php:php:5.4.15:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1::::::
cpe:2.3:a:php:php:5.4.16:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1::::::
cpe:2.3:a:php:php:5.4.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:::::::*
cpe:2.3:a:php:php:5.4.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:::::::*
cpe:2.3:a:php:php:5.4.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:::::::*
cpe:2.3:a:php:php:5.4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*
cpe:2.3:a:php:php:5.4.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:::::::*
cpe:2.3:a:php:php:5.4.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:::::::*
cpe:2.3:a:php:php:5.4.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:::::::*
cpe:2.3:a:php:php:5.4.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:::::::*
cpe:2.3:a:php:php:5.4.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:::::::*
cpe:2.3:a:php:php:5.4.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:::::::*
cpe:2.3:a:php:php:5.4.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:::::::*
cpe:2.3:a:php:php:5.4.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:::::::*
cpe:2.3:a:php:php:5.4.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:::::::*
cpe:2.3:a:php:php:5.4.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:::::::*
cpe:2.3:a:php:php:5.4.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*
cpe:2.3:a:php:php:5.4.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:::::::*
cpe:2.3:a:php:php:5.4.31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.31:::::::*
cpe:2.3:a:php:php:5.4.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*
cpe:2.3:a:php:php:5.4.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*
cpe:2.3:a:php:php:5.4.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*
cpe:2.3:a:php:php:5.4.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*
cpe:2.3:a:php:php:5.4.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*
cpe:2.3:a:php:php:5.4.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*
cpe:2.3:a:php:php:5.5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*
cpe:2.3:a:php:php:5.5.0:alpha1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1::::::
cpe:2.3:a:php:php:5.5.0:alpha2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2::::::
cpe:2.3:a:php:php:5.5.0:alpha3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3::::::
cpe:2.3:a:php:php:5.5.0:alpha4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4::::::
cpe:2.3:a:php:php:5.5.0:alpha5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5::::::
cpe:2.3:a:php:php:5.5.0:alpha6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6::::::
cpe:2.3:a:php:php:5.5.0:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1::::::
cpe:2.3:a:php:php:5.5.0:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2::::::
cpe:2.3:a:php:php:5.5.0:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3::::::
cpe:2.3:a:php:php:5.5.0:beta4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4::::::
cpe:2.3:a:php:php:5.5.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1::::::
cpe:2.3:a:php:php:5.5.0:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2::::::
cpe:2.3:a:php:php:5.5.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*
cpe:2.3:a:php:php:5.5.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*
cpe:2.3:a:php:php:5.5.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*
cpe:2.3:a:php:php:5.5.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*
cpe:2.3:a:php:php:5.5.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*
cpe:2.3:a:php:php:5.5.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*
cpe:2.3:a:php:php:5.5.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*
cpe:2.3:a:php:php:5.5.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*
cpe:2.3:a:php:php:5.5.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*
cpe:2.3:a:php:php:5.5.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*
cpe:2.3:a:php:php:5.5.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*
cpe:2.3:a:php:php:5.5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*
cpe:2.3:a:php:php:5.5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*
cpe:2.3:a:php:php:5.5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*
cpe:2.3:a:php:php:5.5.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*
CVE-2014-5120		https://nvd.nist.gov/vuln/detail/CVE-2014-5120
GLSA-201408-11		https://security.gentoo.org/glsa/201408-11
RHSA-2014:1327		https://access.redhat.com/errata/RHSA-2014:1327
RHSA-2014:1765		https://access.redhat.com/errata/RHSA-2014:1765
RHSA-2014:1766		https://access.redhat.com/errata/RHSA-2014:1766