Vulnerabilities > CVE-2014-2020 - Numeric Errors vulnerability in PHP
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2126-1.NASL description Bernd Melchers discovered that PHP last seen 2020-03-18 modified 2014-03-04 plugin id 72799 published 2014-03-04 reporter Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72799 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : php5 vulnerabilities (USN-2126-1) NASL family CGI abuses NASL id PHP_5_5_9.NASL description According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.9. It is, therefore, potentially affected by the following vulnerabilities related to the GD extension : - A heap-based buffer overflow error exists related to the functions last seen 2020-06-01 modified 2020-06-02 plugin id 72511 published 2014-02-14 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72511 title PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
Seebug
| bulletinFamily | exploit |
| description | CVE ID:CVE-2014-2020 PHP是一种HTML内嵌式的语言。 PHP 'ext/gd/gd.c'没有检查数据类型,允许远程攻击者使用字符串或数组数据累心过来代替数字数据类型来获取敏感信息,此漏洞不同于CVE-2013-7226。 0 PHP 5.5.x PHP 5.5.9已经修复该漏洞,建议用户下载更新: http://php.net |
| id | SSV:61501 |
| last seen | 2017-11-19 |
| modified | 2014-02-20 |
| published | 2014-02-20 |
| reporter | Root |
| title | PHP 'ext/gd/gd.c'信息泄漏漏洞 |
References
- http://www.ubuntu.com/usn/USN-2126-1
- http://www.ubuntu.com/usn/USN-2126-1
- https://bugs.php.net/bug.php?id=66356
- https://bugs.php.net/bug.php?id=66356
- https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01
- https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01