4 matches found
Design/Logic Flaw
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
Design/Logic Flaw
The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...
CVE-2014-0207
The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...
PT-2014-1421 · Php +5 · Php +5
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.30 PHP versions 5.5.x prior to 5.5.14 Description: The issue arises from incorrect anticipation of data structure types after unserialization in the SPL component, leading to potential remote code execution through...