CVE-2014-9427Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple OS X EL Capitan V10.11

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-125Out-of-bounds Read10 documents8 sources
Severity
7.5HIGHNVD
EPSS
4.9%
top 10.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Php5Apple OS X EL Capitan V10.11PHP
Timeline
PublishedJan 3
Latest updateMay 17

Description

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpect

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.6
NVDphp/php170 versions+169

🔴Vulnerability Details

3
GHSA
GHSA-jv9r-h7r8-3459: sapi/cgi/cgi_main2022-05-17
OSV
php5 vulnerabilities2015-02-17
OSV
CVE-2014-9427: sapi/cgi/cgi_main2015-01-02

📋Vendor Advisories

3
Ubuntu
PHP vulnerabilities2015-02-17
Red Hat
php: out of bounds read when parsing a crafted .php file2014-12-17
Apple
CVE-2014-9427: OS X El Capitan v10.11

💬Community

3
Bugzilla
CVE-2014-9427 php: out of bounds read when parsing a crafted .php file2015-01-05
Bugzilla
CVE-2014-9427 php: out of bounds read when parsing a crafted .php file [fedora-all]2015-01-05
HackerOne
out of bounds read crashes php-cgi2014-12-30
CVE-2014-9427 — Apple vulnerability | cvebase