Description

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

Remediation

References

CVE-2014-4698

Related Vulnerabilities

MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1190)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login PHP Object Injection (3.7.9.2)

WordPress Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2020-4050)

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)

WordPress Plugin UpdraftPlus WordPress Backup Privilege Escalation (1.23.2)

Severity

Medium

Classification

CVE-2014-4698

Tags

Missing Update Known Vulnerabilities