Oval Definition:oval:com.ubuntu.precise:def:20143597000
Revision Date:2014-08-22Version:1
Title:CVE-2014-3597 on Ubuntu 12.04 LTS (precise) - medium.
Description:Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-3597
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND The 'php5' package in precise was vulnerable but has been fixed (note: '5.3.10-1ubuntu3.14').
  • BACK