PCI Vulnerability CVE Reference: CVE-2014-4049 Patched

You are here:

Home
News
PCI Vulnerability CVE Reference: CVE-2014-4049 Patched

January 2, 2014NewsBy PRO-Webs Support

CVE Reference: CVE-2014-4049 reported 6/13/2014.

A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.

Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.

CVE-2014-4049 – Secunia Advisory: SA59270 has been patched on all of our servers.

About the author

PRO-Webs Support

Facebook Message for Zen Cart
May 10, 2018

PayPal Removal of RC4-based ciphers from the Payflow environment
March 21, 2018

Additional Images Uploader for Zen Cart
February 20, 2018

PayPal / Payflow changes to IP addresses
August 17, 2017

CVE-2017-1000364
June 23, 2017

4-12-2017-5.2.21 Security Patch PHPMailer Zen Cart 1.3.x-1.5.5
April 13, 2017

“Melanie and her team expertly facilitated our conversion to a fast, vibrant, and exciting website. She not only completed the transition ahead of schedule, but also patiently explained the whys and wherefores along the way. As a result, we have a website we can be proud of and can brag about!”

Heirlooms To Cherish Said
Thanks for taking care of this matter Larry.
I will gladly give my positive feedback about you if you have where I can do such.
Thanks again!

Thank you,
Wilson – Hobby Wireless

Outstanding!
“Professional service, use them regularly”

My Pool, Inc said:

Notice: Unauthorized attempts to access, upload information, or deface this web site is strictly prohibited and are subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec. 1001 and 1030.