A flaw exists with the ‘cdf_unpack_summary_info()’ function within ‘src/cdf.c’ where multiple file_printf calls occur when handling specially crafted CDF files. This could allow a context dependent attacker to crash the web application using PHP. (Bug 67328 / CVE-2014-0237)
A flaw exists with the ‘cdf_read_property_info()’ function within ‘src/cdf.c’ where an infinite loop occurs when handling specially crafted CDF files. This could allow a context dependent attacker to crash the web application using PHP. (Bug 67327 / CVE-2014-0238)
An out-of-bounds read exists in printf when parsing a single quote as the padding specifier. (Bug 67249)

Binary data 8679.prm

VendorProductVersionCPE
phpphpcpe:/a:php:php

Vendor	Product	Version	CPE
php	php		cpe:/a:php:php

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

php.net/ChangeLog-5.php#5.5.13

bugs.php.net/bug.php?id=67249

bugs.php.net/bug.php?id=67327

bugs.php.net/bug.php?id=67328

fedora 7

openvas 33

nessus 45

mageia 2

f5 2

securityvulns 6

amazon 4

slackware 1

suse 1

ubuntu 2

osv 5

debian 5

ubuntucve 2

cve 2

debiancve 2

prion 2

checkpoint_advisories 1

ibm 2

redhat 6

oraclelinux 4

centos 4

freebsd 1

veracode 3

gentoo 1

rosalinux 1

fedora

[SECURITY] Fedora 19 Update: php-phpunit-PHPUnit-MockObject-1.2.3-4.fc19

2014-06-17 23:36:22

[SECURITY] Fedora 20 Update: php-phpunit-PHPUnit-MockObject-1.2.3-4.fc20

2014-06-17 23:31:30

[SECURITY] Fedora 19 Update: php-doctrine-orm-2.4.2-2.fc19

2014-06-17 23:36:22

openvas

Fedora Update for php-doctrine-orm FEDORA-2014-6904

2014-06-23 00:00:00

Fedora Update for php-doctrine-orm FEDORA-2014-6901

2014-06-23 00:00:00

PHP CDF File Parsing Denial of Service Vulnerabilities - 01 - Jun14

2014-06-16 00:00:00

nessus

Fedora 20 : php-phpunit-PHPUnit-MockObject-1.2.3-4.fc20 / php-5.5.13-3.fc20 / etc (2014-6901)

2014-06-18 00:00:00

Mandriva Linux Security Advisory : php (MDVSA-2014:115)

2014-06-11 00:00:00

PHP 5.5.x < 5.5.13 'src/cdf.c' Multiple Vulnerabilities

2014-06-03 00:00:00

mageia

Updated file packages fix CVE-2014-0237-8

2014-06-06 09:52:39

Updated php packages fix CVE-2014-0237-8

2014-06-06 21:54:14

SOL16954 - Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

2015-07-14 00:00:00

K16954 : Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

2015-09-16 00:00:00

securityvulns

[ MDVSA-2014:116 ] file

2014-06-14 00:00:00

PHP/fileinfo/file DoS

2014-06-14 00:00:00

APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004

2014-09-21 00:00:00

amazon

Medium: php55

2014-06-15 16:29:00

Medium: php54

2014-06-15 16:29:00

Medium: php

2014-08-21 11:15:00

slackware

[slackware-security] php

2014-06-09 21:04:52

suse

Security update for php53 (important)

2014-07-04 01:04:18

ubuntu

PHP updates

2014-06-25 00:00:00

PHP vulnerabilities

2014-06-23 00:00:00

osv

php5 - security update

2014-06-01 00:00:00

php5 - regression update

2015-01-31 00:00:00

php5 - security update

2015-01-31 00:00:00

debian

[SECURITY] [DSA 2943-1] php5 security update

2014-06-01 08:38:03

[SECURITY] [DLA 145-1] php5 security update

2015-01-31 13:08:25

[DLA 27-1] file security update

2014-07-31 14:47:17

ubuntucve

CVE-2014-0237

2014-06-01 00:00:00

CVE-2014-0238

2014-06-01 00:00:00

cve

CVE-2014-0237

2014-06-01 04:29:00

CVE-2014-0238

2014-06-01 04:29:00

debiancve

CVE-2014-0237

2014-06-01 04:29:00

CVE-2014-0238

2014-06-01 04:29:00

prion

Code injection

2014-06-01 04:29:00

Design/Logic Flaw

2014-06-01 04:29:00

checkpoint_advisories

PHP CDF File Handling Infinite Loop (CVE-2014-0238)

2014-08-03 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in PHP as used by IBM QRadar Incident Forensics 7.2 MR2. (CVE-2014-3515, CVE-2014-4049, CVE-2014-3981, CVE-2014-0238, CVE-2014-0237, CVE-2014-4721)

2018-06-16 21:19:23

Security Bulletin: Multiple vulnerabilities in file affect PowerKVM

2018-06-18 01:30:43

redhat

(RHSA-2014:1606) Moderate: file security and bug fix update

2014-10-14 00:00:00

(RHSA-2014:1013) Moderate: php security update

2014-08-06 00:00:00

(RHSA-2014:1012) Moderate: php53 and php security update

2014-08-06 00:00:00

oraclelinux

file security and bug fix update

2014-10-15 00:00:00

php security update

2014-08-06 00:00:00

php53 and php security update

2014-08-06 00:00:00

centos

file, python security update

2014-10-20 18:08:44

php security update

2014-08-06 14:38:20

php, php53 security update

2014-08-06 14:53:37

freebsd

PHP multiple vulnerabilities

2014-08-14 00:00:00

veracode

Denial Of Service (DoS)

2019-05-02 05:04:17

Denial Of Service (DoS)

2019-05-02 05:04:17

Denial Of Service (DoS)

2019-05-02 05:04:16

gentoo

PHP: Multiple vulnerabilities

2014-08-29 00:00:00

rosalinux

Advisory ROSA-SA-2021-1950

2021-07-02 17:57:45

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for 8679.PRM