Description

Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

Remediation

References

CVE-2014-9705

Related Vulnerabilities

Oracle Application Server CVE-2006-0283 Vulnerability (CVE-2006-0283)

Apache HTTP Server Other Vulnerability (CVE-2009-3095)

WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)

WordPress Plugin Survey Maker-Best WordPress Survey Unspecified Vulnerability (3.2.0)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.12)

Severity

High

Classification

CVE-2014-9705 CWE-119

Tags

Missing Update Known Vulnerabilities