Description

Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Remediation

References

CVE-2014-9425

Related Vulnerabilities

Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45473)

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732)

osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)

silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4958)

Severity

High

Classification

CVE-2014-9425

Tags

Missing Update Known Vulnerabilities