CVE-2014-9912 in PHP
Resumen (Inglés)
The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Reservar
2016-11-24
Divulgación
2017-01-04
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 95027 | PHP locale_methods.c get_icu_disp_value_src_php desbordamiento de búfer | 119 | No está definido | Arreglo oficial | CVE-2014-9912 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV