Description

Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Remediation

References

CVE-2014-9425

Related Vulnerabilities

PHP Other Vulnerability (CVE-2007-1287)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117)

WordPress Plugin Syndication Links Cross-Site Scripting (1.0.2)

WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)

Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-30635)

Severity

High

Classification

CVE-2014-9425

Tags

Missing Update Known Vulnerabilities