5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.044 Low
EPSS
Percentile
92.3%
An out-of-bounds read flaw was found in file’s donote() function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash (CVE-2014-3710). PHP uses an embedded copy of file’s libmagic library, and was therefore affected. It has been patched to correct this issue. This update also provides an updated php-timezonedb.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | php | < 5.4.34-1.1 | php-5.4.34-1.1.mga3 |
Mageia | 3 | noarch | php-timezonedb | < 2014.9-1 | php-timezonedb-2014.9-1.mga3 |
Mageia | 4 | noarch | php | < 5.5.18-1.2 | php-5.5.18-1.2.mga4 |
Mageia | 4 | noarch | php-timezonedb | < 2014.9-1 | php-timezonedb-2014.9-1.mga4 |