66 matches found
EUVD-2014-0274
Malware in sbrugna...
EUVD-2014-3488
Malicious code in bioql PyPI...
EUVD-2014-3562
Malicious code in bioql PyPI...
K40306410: PHP vulnerability CVE-2014-0236
Security Advisory Description: file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c. CVE-2014-0236 Impa...
SUSE CVE-2012-1571
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference...
SUSE CVE-2014-0207
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file...
SUSE CVE-2014-3480
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file...
SUSE CVE-2014-3487
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file...
DEBIAN-CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write)...
UBUNTU-CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write)...
Denial Of Service (DoS)
php is vulnerable to denial of service (DoS). The vulnerability exists in the cdf_count_chain function in cdf.c, where a DoS can be caused by parsing a CDF file...
Denial Of Service (DoS)
php is vulnerable to denial of service (DoS). The vulnerability exists in the cdf_read_property_info function in file, where a DoS can be caused when parsing a CDF file...
Denial Of Service (DoS)
php is vulnerable to denial of service (DoS). The vulnerability exists in the cdf_check_stream_offset function of cdf.c, where a DoS can be caused by parsing a CDF file...
Denial Of Service
PHP is susceptible to denial of service. The vulnerability exists because of the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. An attacker can inject a malicious CDF file to crash a PHP...
PHP 5.6.0 Development Releases CDF File NULL Pointer Dereference DoS
According to its banner, the version of PHP installed on the remote host is a development version of 5.6.0. It is, therefore, affected by a NULL pointer dereference error in the 'libmagic' library of the 'fileinfo' extension when processing malformed CDF files. By uploading a specially crafted CD...
PHP < 5.6.0 DoS Vulnerability - Windows
PHP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
Null pointer dereference
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c...
DEBIAN-CVE-2014-0236
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c...
file, python security update
CentOS Errata and Security Advisory CESA-2016:0760. An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
PT-2016-3483 · Php · Php +1
Name of the Vulnerable Software and Affected Versions: Fileinfo component in PHP versions prior to 5.6.0; file versions prior to 5.18. Description: The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This is achieved by usin...