CVE-2014-3669 [High] | Denial of Service in Php

Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.

EDB-ID	Source	Kind	Published	Link
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

Source

Kind

Published

Link

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-04-29	65.25%	55.95%	-9.29%
2	2026-03-29	66.58%	65.25%	-1.33%
3	2026-03-04	—	66.58%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-04-29

65.25%

55.95%

-9.29%

2026-03-29

66.58%

65.25%

-1.33%

2026-03-04

—

66.58%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	2.0	HIGH	`AV:N/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	10.0	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.5

2.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

10.0

6.4

[email protected]

OS Trackers for CVE-2014-3669

vendor	priority	summary	link
`gentoo`	normal	CVE-2014-3669: 1 GLSA(s) (201411-04), 1 atom(s) (dev-lang/php); latest impact normal.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2014-3669
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2014-3669
`suse`	medium	CVE-2014-3669 severity moderate: SUSE including 854 source package names (apache2-mod_php5-5.2.14-0.7.30.62.1, apache2-mod_php5-5.5.14-7.1, …), 1307 product×package rows across 35 product lines (SUSE Enterprise Storage 7.1, SUSE Liberty Linux 7, … (35 product lines)): Fixed 749, Known Not Affected 558.	https://www.suse.com/security/cve/CVE-2014-3669/
`ubuntu`	medium	CVE-2014-3669 medium priority: Ubuntu including 1 source packages (php5), 5 status rows across 5 suites (lucid, precise, trusty, upstream, utopic): released 5.	https://ubuntu.com/security/CVE-2014-3669

Affected software / configurations for CVE-2014-3669

Vendor	Product	Version	Raw CPE
php	php	<= 5.4.33	cpe:2.3:a:php:php::::::::
php	php	5.4.0	cpe:2.3:a:php:php:5.4.0:::::::*
php	php	5.4.1	cpe:2.3:a:php:php:5.4.1:::::::*
php	php	5.4.2	cpe:2.3:a:php:php:5.4.2:::::::*
php	php	5.4.3	cpe:2.3:a:php:php:5.4.3:::::::*
php	php	5.4.4	cpe:2.3:a:php:php:5.4.4:::::::*
php	php	5.4.5	cpe:2.3:a:php:php:5.4.5:::::::*
php	php	5.4.6	cpe:2.3:a:php:php:5.4.6:::::::*
php	php	5.4.7	cpe:2.3:a:php:php:5.4.7:::::::*
php	php	5.4.8	cpe:2.3:a:php:php:5.4.8:::::::*
php	php	5.4.9	cpe:2.3:a:php:php:5.4.9:::::::*
php	php	5.4.10	cpe:2.3:a:php:php:5.4.10:::::::*
php	php	5.4.11	cpe:2.3:a:php:php:5.4.11:::::::*
php	php	5.4.12	cpe:2.3:a:php:php:5.4.12:::::::*
php	php	5.4.12	cpe:2.3:a:php:php:5.4.12:rc1::::::
php	php	5.4.12	cpe:2.3:a:php:php:5.4.12:rc2::::::
php	php	5.4.13	cpe:2.3:a:php:php:5.4.13:::::::*
php	php	5.4.13	cpe:2.3:a:php:php:5.4.13:rc1::::::
php	php	5.4.14	cpe:2.3:a:php:php:5.4.14:::::::*
php	php	5.4.14	cpe:2.3:a:php:php:5.4.14:rc1::::::
php	php	5.4.15	cpe:2.3:a:php:php:5.4.15:rc1::::::
php	php	5.4.16	cpe:2.3:a:php:php:5.4.16:rc1::::::
php	php	5.4.17	cpe:2.3:a:php:php:5.4.17:::::::*
php	php	5.4.18	cpe:2.3:a:php:php:5.4.18:::::::*
php	php	5.4.19	cpe:2.3:a:php:php:5.4.19:::::::*
php	php	5.4.20	cpe:2.3:a:php:php:5.4.20:::::::*
php	php	5.4.21	cpe:2.3:a:php:php:5.4.21:::::::*
php	php	5.4.22	cpe:2.3:a:php:php:5.4.22:::::::*
php	php	5.4.23	cpe:2.3:a:php:php:5.4.23:::::::*
php	php	5.4.24	cpe:2.3:a:php:php:5.4.24:::::::*
php	php	5.4.25	cpe:2.3:a:php:php:5.4.25:::::::*
php	php	5.4.26	cpe:2.3:a:php:php:5.4.26:::::::*
php	php	5.4.27	cpe:2.3:a:php:php:5.4.27:::::::*
php	php	5.4.28	cpe:2.3:a:php:php:5.4.28:::::::*
php	php	5.4.29	cpe:2.3:a:php:php:5.4.29:::::::*
php	php	5.4.30	cpe:2.3:a:php:php:5.4.30:::::::*
php	php	5.4.31	cpe:2.3:a:php:php:5.4.31:::::::*
php	php	5.4.32	cpe:2.3:a:php:php:5.4.32:::::::*
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:::::::*
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha1::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha2::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha3::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha4::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha5::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:alpha6::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:beta1::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:beta2::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:beta3::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:beta4::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:rc1::::::
php	php	5.5.0	cpe:2.3:a:php:php:5.5.0:rc2::::::
php	php	5.5.1	cpe:2.3:a:php:php:5.5.1:::::::*
php	php	5.5.2	cpe:2.3:a:php:php:5.5.2:::::::*
php	php	5.5.3	cpe:2.3:a:php:php:5.5.3:::::::*
php	php	5.5.4	cpe:2.3:a:php:php:5.5.4:::::::*
php	php	5.5.5	cpe:2.3:a:php:php:5.5.5:::::::*
php	php	5.5.6	cpe:2.3:a:php:php:5.5.6:::::::*
php	php	5.5.7	cpe:2.3:a:php:php:5.5.7:::::::*
php	php	5.5.8	cpe:2.3:a:php:php:5.5.8:::::::*
php	php	5.5.9	cpe:2.3:a:php:php:5.5.9:::::::*
php	php	5.5.10	cpe:2.3:a:php:php:5.5.10:::::::*
php	php	5.5.11	cpe:2.3:a:php:php:5.5.11:::::::*
php	php	5.5.12	cpe:2.3:a:php:php:5.5.12:::::::*
php	php	5.5.13	cpe:2.3:a:php:php:5.5.13:::::::*
php	php	5.5.14	cpe:2.3:a:php:php:5.5.14:::::::*
php	php	5.5.15	cpe:2.3:a:php:php:5.5.15:::::::*
php	php	5.5.16	cpe:2.3:a:php:php:5.5.16:::::::*
php	php	5.5.17	cpe:2.3:a:php:php:5.5.17:::::::*
php	php	5.6.0	cpe:2.3:a:php:php:5.6.0:::::::*
php	php	5.6.1	cpe:2.3:a:php:php:5.6.1:::::::*

References for CVE-2014-3669

URL	Tags
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=56754a7f9eba0e4f559b6ca081d9f2a447b3f159
http://linux.oracle.com/errata/ELSA-2014-1767.html
http://linux.oracle.com/errata/ELSA-2014-1768.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html
http://lists.opensuse.org/opensuse-updates/2015-01/msg00006.html
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2014-1765.html
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://rhn.redhat.com/errata/RHSA-2014-1767.html
http://rhn.redhat.com/errata/RHSA-2014-1768.html
http://rhn.redhat.com/errata/RHSA-2014-1824.html
http://secunia.com/advisories/59967
http://secunia.com/advisories/60630
http://secunia.com/advisories/60699
http://secunia.com/advisories/61763
http://secunia.com/advisories/61970
http://secunia.com/advisories/61982
http://www.debian.org/security/2014/dsa-3064
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.securityfocus.com/bid/70611
http://www.ubuntu.com/usn/USN-2391-1
https://bugs.php.net/bug.php?id=68044	Exploit Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1154500
https://support.apple.com/HT204659

URL

CVE-2014-3669

Public exploit references (Exploit-DB) for CVE-2014-3669

Exploit prediction scoring system (EPSS) score for CVE-2014-3669

Common vulnerability scoring system (CVSS) metrics for CVE-2014-3669

Weakness enumeration for CVE-2014-3669

OS Trackers for CVE-2014-3669

Affected software / configurations for CVE-2014-3669

References for CVE-2014-3669