Vulnerability Details : CVE-2014-3668
Potential exploit
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2014-3668
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*
Threat overview for CVE-2014-3668
Top countries where our scanners detected CVE-2014-3668
Top open port discovered on systems with this issue
80
IPs affected by CVE-2014-3668 483,896
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-3668!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-3668
0.93%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3668
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-3668
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3668
-
http://linux.oracle.com/errata/ELSA-2014-1768.html
linux.oracle.com | ELSA-2014-1768
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html
openSUSE-SU-2014:1391-1: moderate: update for php5
-
http://linux.oracle.com/errata/ELSA-2014-1767.html
linux.oracle.com | ELSA-2014-1767
-
http://rhn.redhat.com/errata/RHSA-2014-1766.html
RHSA-2014:1766 - Security Advisory - Red Hat Customer Portal
-
http://secunia.com/advisories/60699
Sign in
-
http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html
openSUSE-SU-2015:0014-1: moderate: update for php5
-
http://www.ubuntu.com/usn/USN-2391-1
USN-2391-1: php5 vulnerabilities | Ubuntu security notices
-
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RHSA-2014:1765 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html
openSUSE-SU-2014:1377-1: moderate: update for php5
-
http://secunia.com/advisories/61970
Sign in
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
Oracle Solaris Third Party Bulletin - July 2015
-
http://secunia.com/advisories/61982
Sign in
-
http://rhn.redhat.com/errata/RHSA-2014-1767.html
RHSA-2014:1767 - Security Advisory - Red Hat Customer Portal
-
https://bugs.php.net/bug.php?id=68027
PHP :: Sec Bug #68027 :: AddressSanitizer reports a global buffer overflow in mkgmtime() function.Exploit;Patch;Vendor Advisory
-
https://support.apple.com/HT204659
About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple Support
-
http://git.php.net/?p=php-src.git;a=commit;h=88412772d295ebf7dd34409534507dc9bcac726e
208.43.231.11 Git - php-src.git/commit
-
http://www.securityfocus.com/bid/70666
PHP 'libxmlrpc/xmlrpc.c' Buffer Overflow Vulnerability
-
http://secunia.com/advisories/60630
Sign in
-
http://rhn.redhat.com/errata/RHSA-2014-1768.html
RHSA-2014:1768 - Security Advisory - Red Hat Customer Portal
-
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
Apple - Lists.apple.com
-
http://www.debian.org/security/2014/dsa-3064
Debian -- Security Information -- DSA-3064-1 php5
-
https://bugzilla.redhat.com/show_bug.cgi?id=1154503
1154503 – (CVE-2014-3668) CVE-2014-3668 php: xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime()
-
http://secunia.com/advisories/61763
Sign in
-
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=88412772d295ebf7dd34409534507dc9bcac726e
-
http://secunia.com/advisories/59967
Sign in
-
http://php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLog
Jump to