Search for vulnerabilities
Vulnerability details: VCID-s7bp-2h8v-aaah
Vulnerability ID VCID-s7bp-2h8v-aaah
Aliases CVE-2014-3587
Summary Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-190 Integer Overflow or Wraparound
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3587.html
generic_textual Medium http://php.net/ChangeLog-5.php
rhas Moderate https://access.redhat.com/errata/RHSA-2014:1326
rhas Moderate https://access.redhat.com/errata/RHSA-2014:1327
rhas Important https://access.redhat.com/errata/RHSA-2014:1765
rhas Important https://access.redhat.com/errata/RHSA-2014:1766
rhas Moderate https://access.redhat.com/errata/RHSA-2015:2155
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0760
epss 0.05997 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.05997 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.05997 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.05997 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.06751 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.06751 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.06751 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.07961 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.08797 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.08797 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.08797 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.11548 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.11548 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.18724 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.19104 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
epss 0.21683 https://api.first.org/data/v1/epss?cve=CVE-2014-3587
generic_textual Low https://bugs.php.net/bug.php?id=67716
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1128587
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
cvssv2 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2014-3587
generic_textual Medium https://ubuntu.com/security/notices/USN-2344-1
generic_textual Low https://ubuntu.com/security/notices/USN-2369-1
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
cvssv3.1 8.8 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3587.html
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2014-1326.html
http://rhn.redhat.com/errata/RHSA-2014-1327.html
http://rhn.redhat.com/errata/RHSA-2014-1765.html
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json
https://api.first.org/data/v1/epss?cve=CVE-2014-3587
https://bugs.php.net/bug.php?id=67716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
http://secunia.com/advisories/60609
http://secunia.com/advisories/60696
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233
https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
https://security-tracker.debian.org/tracker/CVE-2014-3587
https://support.apple.com/HT204659
https://ubuntu.com/security/notices/USN-2344-1
https://ubuntu.com/security/notices/USN-2369-1
http://www.debian.org/security/2014/dsa-3008
http://www.debian.org/security/2014/dsa-3021
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/69325
http://www.ubuntu.com/usn/USN-2344-1
http://www.ubuntu.com/usn/USN-2369-1
1128587 https://bugzilla.redhat.com/show_bug.cgi?id=1128587
cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*
cpe:2.3:a:christos_zoulas:file:5.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:*
cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
CVE-2014-3587 https://nvd.nist.gov/vuln/detail/CVE-2014-3587
RHSA-2014:1326 https://access.redhat.com/errata/RHSA-2014:1326
RHSA-2014:1327 https://access.redhat.com/errata/RHSA-2014:1327
RHSA-2014:1765 https://access.redhat.com/errata/RHSA-2014:1765
RHSA-2014:1766 https://access.redhat.com/errata/RHSA-2014:1766
RHSA-2015:2155 https://access.redhat.com/errata/RHSA-2015:2155
RHSA-2016:0760 https://access.redhat.com/errata/RHSA-2016:0760
USN-2344-1 https://usn.ubuntu.com/2344-1/
USN-2369-1 https://usn.ubuntu.com/2369-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-3587
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.93401
EPSS Score 0.05997
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.