Back to search
CVE-2014-4049
Published: Jun 18, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
59329
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2014:0868
vendor-advisory
x_refsource_SUSE
59418
third-party-advisory
x_refsource_SECUNIA
https://support.apple.com/HT204659
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21683486
x_refsource_CONFIRM
59496
third-party-advisory
x_refsource_SECUNIA
1030435
vdb-entry
x_refsource_SECTRACK
RHSA-2014:1766
vendor-advisory
x_refsource_REDHAT
59652
third-party-advisory
x_refsource_SECUNIA
68007
vdb-entry
x_refsource_BID
59513
third-party-advisory
x_refsource_SECUNIA
HPSBUX03102
vendor-advisory
x_refsource_HP
SUSE-SU-2014:0869
vendor-advisory
x_refsource_SUSE
60998
third-party-advisory
x_refsource_SECUNIA
59270
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2015-04-08-2
vendor-advisory
x_refsource_APPLE
http://support.apple.com/kb/HT6443
x_refsource_CONFIRM
openSUSE-SU-2014:0841
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=1108447
x_refsource_CONFIRM
DSA-2961
vendor-advisory
x_refsource_DEBIAN
RHSA-2014:1765
vendor-advisory
x_refsource_REDHAT
SSRT101681
vendor-advisory
x_refsource_HP
[oss-security] 20140613 Re: CVE request: PHP heap-based buffer overflow in DNS TXT record parsing
mailing-list
x_refsource_MLIST
openSUSE-SU-2014:0942
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now