CVE-2014-3669

Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.

Affected Software

Name	Vendor	Start Version	End Version
Php	Php	*	5.4.33 (including)
Php	Php	5.4.0 (including)	5.4.0 (including)
Php	Php	5.4.1 (including)	5.4.1 (including)
Php	Php	5.4.2 (including)	5.4.2 (including)
Php	Php	5.4.3 (including)	5.4.3 (including)
Php	Php	5.4.4 (including)	5.4.4 (including)
Php	Php	5.4.5 (including)	5.4.5 (including)
Php	Php	5.4.6 (including)	5.4.6 (including)
Php	Php	5.4.7 (including)	5.4.7 (including)
Php	Php	5.4.8 (including)	5.4.8 (including)
Php	Php	5.4.9 (including)	5.4.9 (including)
Php	Php	5.4.10 (including)	5.4.10 (including)
Php	Php	5.4.11 (including)	5.4.11 (including)
Php	Php	5.4.12 (including)	5.4.12 (including)
Php	Php	5.4.12-rc1 (including)	5.4.12-rc1 (including)
Php	Php	5.4.12-rc2 (including)	5.4.12-rc2 (including)
Php	Php	5.4.13 (including)	5.4.13 (including)
Php	Php	5.4.13-rc1 (including)	5.4.13-rc1 (including)
Php	Php	5.4.14 (including)	5.4.14 (including)
Php	Php	5.4.14-rc1 (including)	5.4.14-rc1 (including)
Php	Php	5.4.15-rc1 (including)	5.4.15-rc1 (including)
Php	Php	5.4.16-rc1 (including)	5.4.16-rc1 (including)
Php	Php	5.4.17 (including)	5.4.17 (including)
Php	Php	5.4.18 (including)	5.4.18 (including)
Php	Php	5.4.19 (including)	5.4.19 (including)
Php	Php	5.4.20 (including)	5.4.20 (including)
Php	Php	5.4.21 (including)	5.4.21 (including)
Php	Php	5.4.22 (including)	5.4.22 (including)
Php	Php	5.4.23 (including)	5.4.23 (including)
Php	Php	5.4.24 (including)	5.4.24 (including)
Php	Php	5.4.25 (including)	5.4.25 (including)
Php	Php	5.4.26 (including)	5.4.26 (including)
Php	Php	5.4.27 (including)	5.4.27 (including)
Php	Php	5.4.28 (including)	5.4.28 (including)
Php	Php	5.4.29 (including)	5.4.29 (including)
Php	Php	5.4.30 (including)	5.4.30 (including)
Php	Php	5.4.31 (including)	5.4.31 (including)
Php	Php	5.4.32 (including)	5.4.32 (including)
Php	Php	5.5.0 (including)	5.5.0 (including)
Php	Php	5.5.0-alpha1 (including)	5.5.0-alpha1 (including)
Php	Php	5.5.0-alpha2 (including)	5.5.0-alpha2 (including)
Php	Php	5.5.0-alpha3 (including)	5.5.0-alpha3 (including)
Php	Php	5.5.0-alpha4 (including)	5.5.0-alpha4 (including)
Php	Php	5.5.0-alpha5 (including)	5.5.0-alpha5 (including)
Php	Php	5.5.0-alpha6 (including)	5.5.0-alpha6 (including)
Php	Php	5.5.0-beta1 (including)	5.5.0-beta1 (including)
Php	Php	5.5.0-beta2 (including)	5.5.0-beta2 (including)
Php	Php	5.5.0-beta3 (including)	5.5.0-beta3 (including)
Php	Php	5.5.0-beta4 (including)	5.5.0-beta4 (including)
Php	Php	5.5.0-rc1 (including)	5.5.0-rc1 (including)
Php	Php	5.5.0-rc2 (including)	5.5.0-rc2 (including)
Php	Php	5.5.1 (including)	5.5.1 (including)
Php	Php	5.5.2 (including)	5.5.2 (including)
Php	Php	5.5.3 (including)	5.5.3 (including)
Php	Php	5.5.4 (including)	5.5.4 (including)
Php	Php	5.5.5 (including)	5.5.5 (including)
Php	Php	5.5.6 (including)	5.5.6 (including)
Php	Php	5.5.7 (including)	5.5.7 (including)
Php	Php	5.5.8 (including)	5.5.8 (including)
Php	Php	5.5.9 (including)	5.5.9 (including)
Php	Php	5.5.10 (including)	5.5.10 (including)
Php	Php	5.5.11 (including)	5.5.11 (including)
Php	Php	5.5.12 (including)	5.5.12 (including)
Php	Php	5.5.13 (including)	5.5.13 (including)
Php	Php	5.5.14 (including)	5.5.14 (including)
Php	Php	5.5.15 (including)	5.5.15 (including)
Php	Php	5.5.16 (including)	5.5.16 (including)
Php	Php	5.5.17 (including)	5.5.17 (including)
Php	Php	5.6.0 (including)	5.6.0 (including)
Php	Php	5.6.1 (including)	5.6.1 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-3669
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References