Lucene search

K
nvd[email protected]NVD:CVE-2014-3478
HistoryJul 09, 2014 - 11:07 a.m.

CVE-2014-3478

2014-07-0911:07:01
CWE-119
web.nvd.nist.gov
4

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.1

Confidence

High

EPSS

0.157

Percentile

96.0%

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

Affected configurations

Nvd
Node
christos_zoulasfileRange5.18
OR
christos_zoulasfileMatch5.00
OR
christos_zoulasfileMatch5.01
OR
christos_zoulasfileMatch5.02
OR
christos_zoulasfileMatch5.03
OR
christos_zoulasfileMatch5.04
OR
christos_zoulasfileMatch5.05
OR
christos_zoulasfileMatch5.06
OR
christos_zoulasfileMatch5.07
OR
christos_zoulasfileMatch5.08
OR
christos_zoulasfileMatch5.09
OR
christos_zoulasfileMatch5.10
OR
christos_zoulasfileMatch5.11
OR
christos_zoulasfileMatch5.12
OR
christos_zoulasfileMatch5.13
OR
christos_zoulasfileMatch5.14
OR
christos_zoulasfileMatch5.15
OR
christos_zoulasfileMatch5.16
OR
christos_zoulasfileMatch5.17
OR
phpphpRange5.4.29
OR
phpphpMatch5.4.0
OR
phpphpMatch5.4.1
OR
phpphpMatch5.4.2
OR
phpphpMatch5.4.3
OR
phpphpMatch5.4.4
OR
phpphpMatch5.4.5
OR
phpphpMatch5.4.6
OR
phpphpMatch5.4.7
OR
phpphpMatch5.4.8
OR
phpphpMatch5.4.9
OR
phpphpMatch5.4.10
OR
phpphpMatch5.4.11
OR
phpphpMatch5.4.12
OR
phpphpMatch5.4.12rc1
OR
phpphpMatch5.4.12rc2
OR
phpphpMatch5.4.13
OR
phpphpMatch5.4.13rc1
OR
phpphpMatch5.4.14
OR
phpphpMatch5.4.14rc1
OR
phpphpMatch5.4.15rc1
OR
phpphpMatch5.4.16rc1
OR
phpphpMatch5.4.17
OR
phpphpMatch5.4.18
OR
phpphpMatch5.4.19
OR
phpphpMatch5.4.20
OR
phpphpMatch5.4.21
OR
phpphpMatch5.4.22
OR
phpphpMatch5.4.23
OR
phpphpMatch5.4.24
OR
phpphpMatch5.4.25
OR
phpphpMatch5.4.26
OR
phpphpMatch5.4.27
OR
phpphpMatch5.4.28
OR
phpphpMatch5.5.0
OR
phpphpMatch5.5.0alpha1
OR
phpphpMatch5.5.0alpha2
OR
phpphpMatch5.5.0alpha3
OR
phpphpMatch5.5.0alpha4
OR
phpphpMatch5.5.0alpha5
OR
phpphpMatch5.5.0alpha6
OR
phpphpMatch5.5.0beta1
OR
phpphpMatch5.5.0beta2
OR
phpphpMatch5.5.0beta3
OR
phpphpMatch5.5.0beta4
OR
phpphpMatch5.5.0rc1
OR
phpphpMatch5.5.0rc2
OR
phpphpMatch5.5.1
OR
phpphpMatch5.5.2
OR
phpphpMatch5.5.3
OR
phpphpMatch5.5.4
OR
phpphpMatch5.5.5
OR
phpphpMatch5.5.6
OR
phpphpMatch5.5.7
OR
phpphpMatch5.5.8
OR
phpphpMatch5.5.9
OR
phpphpMatch5.5.10
OR
phpphpMatch5.5.11
OR
phpphpMatch5.5.12
OR
phpphpMatch5.5.13
VendorProductVersionCPE
christos_zoulasfile*cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*
christos_zoulasfile5.00cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*
christos_zoulasfile5.01cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*
christos_zoulasfile5.02cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*
christos_zoulasfile5.03cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*
christos_zoulasfile5.04cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*
christos_zoulasfile5.05cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*
christos_zoulasfile5.06cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*
christos_zoulasfile5.07cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*
christos_zoulasfile5.08cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*
Rows per page:
1-10 of 791

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.1

Confidence

High

EPSS

0.157

Percentile

96.0%