PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability

Bugtraq ID: 71791
Class: Design Error
CVE: CVE-2014-8142
Remote: Yes
Local: No
Published: Dec 18 2014 12:00AM
Updated: Sep 23 2016 12:01AM
Credit: Stefan Esser
Vulnerable: Ubuntu Ubuntu Linux 14.10
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Slackware Linux 14.1
Slackware Linux 14.0
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux HPC Node 7
Redhat Enterprise Linux Desktop 7
PHP PHP 5.6.1
PHP PHP 5.5.14
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ S.u.S.E. Linux Personal 9.2
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
PHP PHP 5.5.13
PHP PHP 5.5.12
PHP PHP 5.5.11
PHP PHP 5.5.10
PHP PHP 5.5.5
PHP PHP 5.5.4
PHP PHP 5.5.3
PHP PHP 5.5.1
PHP PHP 5.5
PHP PHP 5.4.30
PHP PHP 5.4.29
PHP PHP 5.4.26
PHP PHP 5.4.25
PHP PHP 5.4.17
PHP PHP 5.4.14
PHP PHP 5.4.8
PHP PHP 5.4.7
PHP PHP 5.4.6
PHP PHP 5.4.4
PHP PHP 5.4.3
PHP PHP 5.4.2
PHP PHP 5.4.1
PHP PHP 5.6.3
PHP PHP 5.6.2
PHP PHP 5.6.0 Beta4
PHP PHP 5.6.0 Beta3
PHP PHP 5.6.0 Beta2
PHP PHP 5.6.0 Beta1
PHP PHP 5.6.0 Alpha5
PHP PHP 5.6.0 Alpha4
PHP PHP 5.6.0 Alpha3
PHP PHP 5.6.0 Alpha2
PHP PHP 5.6.0 Alpha1
PHP PHP 5.5.9
PHP PHP 5.5.8
PHP PHP 5.5.7
PHP PHP 5.5.2
PHP PHP 5.5.19
PHP PHP 5.5.18
PHP PHP 5.5.17
PHP PHP 5.5.16
PHP PHP 5.5.15
PHP PHP 5.5.0-DEV
PHP PHP 5.5.0 Rc2
PHP PHP 5.5.0 Rc1
PHP PHP 5.5.0 Beta4
PHP PHP 5.5.0 Beta3
PHP PHP 5.5.0 Beta2
PHP PHP 5.5.0 Beta1
PHP PHP 5.5.0 Alpha6
PHP PHP 5.5.0 Alpha5
PHP PHP 5.5.0 Alpha4
PHP PHP 5.5.0 Alpha3
PHP PHP 5.5.0 Alpha2
PHP PHP 5.5.0 Alpha1
PHP PHP 5.4.9
PHP PHP 5.4.5
PHP PHP 5.4.35
PHP PHP 5.4.34
PHP PHP 5.4.33
PHP PHP 5.4.32
PHP PHP 5.4.31
PHP PHP 5.4.28
PHP PHP 5.4.27
PHP PHP 5.4.24
PHP PHP 5.4.23
PHP PHP 5.4.22
PHP PHP 5.4.21
PHP PHP 5.4.20
PHP PHP 5.4.1RC1-DEV
PHP PHP 5.4.19
PHP PHP 5.4.18
PHP PHP 5.4.16 Rc1
PHP PHP 5.4.16
PHP PHP 5.4.15 Rc1
PHP PHP 5.4.15
PHP PHP 5.4.14 Rc1
PHP PHP 5.4.13 Rc1
PHP PHP 5.4.13
PHP PHP 5.4.12 Rc2
PHP PHP 5.4.12 Rc1
PHP PHP 5.4.12
PHP PHP 5.4.11
PHP PHP 5.4.10
PHP PHP 5.4.0RC2
PHP PHP 5.4.0beta2
Oracle Linux 7
Oracle Linux 6
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Kerio Kerio Control 9.1.1 build 1324
Kerio Kerio Control 9.1.0 build 1087
HP Virtual Connect Enterprise Manager 6.2
HP Virtual Connect Enterprise Manager 6.1
HP Virtual Connect Enterprise Manager 6.0
HP Version Control Repository Manager 7.4.1
HP Version Control Repository Manager 7.4
HP Version Control Repository Manager 7.3.4
HP Version Control Repository Manager 7.3.1
HP Version Control Repository Manager 7.3
HP Version Control Repository Manager 7.2.2
HP Version Control Repository Manager 7.2.1
HP Version Control Repository Manager 7.2
HP Version Control Repository Manager 7.4.0a
HP Version Control Repository Manager 7.3.3
HP Version Control Repository Manager 7.3.2
HP Version Control Agent 7.3.5
HP Version Control Agent 7.3.4
HP Version Control Agent 7.3.3
HP Version Control Agent 7.3.1
HP Version Control Agent 7.3
HP Version Control Agent 7.2.2
HP Version Control Agent 7.2.1
HP Version Control Agent 7.2
HP Version Control Agent 2.1.5
HP Version Control Agent 7.3.2
HP Systems Insight Manager 7.1.1
HP Systems Insight Manager 7.4
HP Systems Insight Manager 7.3.2
HP Systems Insight Manager 7.3.1
HP Systems Insight Manager 7.3
HP Systems Insight Manager 7.2.2
HP Systems Insight Manager 7.2.1
HP Systems Insight Manager 7.2
HP Systems Insight Manager 7.0
HP Systems Insight Manager 6.3
HP Systems Insight Manager 6.2
HP Systems Insight Manager 6.1
HP Systems Insight Manager 6.0
HP Systems Insight Manager 5.3
HP Systems Insight Manager 5.0
HP Systems Insight Manager 4.2
HP System Management Homepage (SMH) 7.4
HP System Management Homepage 7.3.2
HP System Management Homepage 7.2.3
HP System Management Homepage 7.2.2
HP System Management Homepage 7.2.1
HP System Management Homepage 7.2
HP System Management Homepage 7.1.2
HP System Management Homepage 7.1.1
HP System Management Homepage 6.2.2 7
HP System Management Homepage 3.2.7
HP System Management Homepage 3.0.2 .77
HP System Management Homepage 3.0 .68
HP System Management Homepage 3.0 .64
HP System Management Homepage 2.2.9 .1
HP System Management Homepage 2.2.8
HP System Management Homepage 2.2.6
HP System Management Homepage 2.1.15
HP System Management Homepage 2.1.12
HP System Management Homepage 2.1.11
HP System Management Homepage 2.1.10
HP System Management Homepage 2.1.9
HP System Management Homepage 2.1.8
HP System Management Homepage 2.1.7
HP System Management Homepage 2.1.6
HP System Management Homepage 2.1.5
HP System Management Homepage 2.1.4
HP System Management Homepage 2.1.3
HP System Management Homepage 2.1.2
HP System Management Homepage 2.1.1
HP System Management Homepage 2.1
HP System Management Homepage 2.0.2
HP System Management Homepage 2.0.1
HP System Management Homepage 2.0
HP System Management Homepage 7.4
HP System Management Homepage 7.3.3.1
HP System Management Homepage 7.3.1
HP System Management Homepage 7.3
HP System Management Homepage 7.2.4.1
HP System Management Homepage 7.2
HP System Management Homepage 7.1
HP System Management Homepage 7.0
HP System Management Homepage 6.3.0
HP System Management Homepage 6.3
HP System Management Homepage 6.2.0
HP System Management Homepage 6.2
HP System Management Homepage 6.0
HP System Management Homepage 3.2.2
HP System Management Homepage 3.0.1
HP Insight Orchestration 6.2
HP Insight Orchestration 6.1
HP Insight Orchestration 6.0
HP HP-UX Tomcat Servlet Engine 6.0.39.03
HP HP-UX PHP 5.4.11.04
HP HP-UX Apache-Based Web Server 4.04
- HP HP-UX 11.22
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
HP HP-UX Apache-Based Web Server 2.2.15.22
HP HP-UX B.11.31
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: PHP PHP 5.6.4
PHP PHP 5.5.20
PHP PHP 5.4.36
Kerio Kerio Control 9.1.3
HP Virtual Connect Enterprise Manager SDK 7.5.0
HP Version Control Repository Manager 7.5.0
HP Version Control Agent 7.5.0
HP Systems Insight Manager 7.5.0
HP System Management Homepage (SMH) 7.5
HP System Management Homepage 7.5
HP Insight Orchestration 7.5.0


 

Privacy Statement
Copyright 2010, SecurityFocus