Lucene search
K

238 matches found

OpenVAS
OpenVAS
added 2015/11/24 12:0 a.m.66 views

Oracle: Security Advisory (ELSA-2015-2155)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.20805EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2015/11/19 3:39 a.m.5 views

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.4AI score0.20237EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2015/09/19 12:0 a.m.42 views

F5 BIG-IP - Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

5CVSS8.2AI score0.20805EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/18 12:0 a.m.41 views

F5 Networks BIG-IP : Multiple PHP CDF vulnerabilities (SOL16954)

The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls. C Tenable Network Security, Inc. The descriptive text and package...

5CVSS7.9AI score0.20805EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2015/07/14 12:0 a.m.172 views

SOL16954 - Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

CVE-2014-0237 The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls. CVE-2014-0238 The cdfreadpropertyinfo function in cdf.c...

5CVSS5AI score0.20805EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2015/07/02 12:0 a.m.43 views

SOL16875 - file vulnerability CVE-2012-1571

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference. CVE-2012-1571...

4.3CVSS7.1AI score0.04117EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/04/09 12:0 a.m.25 views

PHP 5.4.x < 5.4.29 / 5.5.x < 5.5.13 Multiple Vulnerabilities

Binary data 8679.prm...

5CVSS7.5AI score0.20805EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.77 views

Debian DLA-27-1 : file security update

Fix various denial of service attacks : CVE-2014-3487 The cdfreadpropertyinfo function does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file. CVE-2014-3480 The cdfcountchain function in cdf.c in does not...

6.5CVSS7.9AI score0.20805EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.246 views

Debian DLA-67-1 : php5 security update

CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not sufficiently address the problem. A remote attacker could still cause a denial of service CPU consumption via a specially crafted input file that triggers backtracking during processing of an awk regular expression...

6.8CVSS7.3AI score0.20237EPSS
Exploits3References5
Check Point Advisories
Check Point Advisories
added 2014/11/12 12:0 a.m.13 views

PHP Fileinfo cdf_read_property_info Denial of Service - ver 2 (CVE-2014-3587)

A denial of service vulnerability exists in PHP. It is due to an integer overflow error in the FileInfo module while processing CDF files. A remote attacker can exploit the vulnerability by sending crafted CDF files to a web application running a vulnerable version of PHP...

4.3CVSS5.1AI score0.20237EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.61 views

CentOS 6 : file (CESA-2014:1606)

Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

6.5CVSS7.8AI score0.20805EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2014/11/04 12:0 a.m.40 views

Scientific Linux Security Update : file on SL6.x i386/x86_64 (20141014)

Multiple denial of service flaws were found in the way file parsed certain Composite Document Format CDF files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. CVE-2014-0237, CVE-2014-0238, CVE-2014-3479,...

6.5CVSS7.7AI score0.20805EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.5 views

file: cdf_read_short_sector insufficient boundary check

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.2AI score0.16853EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.5 views

file: cdf_check_stream_offset insufficient boundary check

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

4.3CVSS7.2AI score0.14927EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.5 views

file: CDF property info parsing nelements infinite loop

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

5CVSS7.2AI score0.20805EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.6 views

file: cdf_read_property_info insufficient boundary check

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

4.3CVSS7.2AI score0.14927EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.6 views

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.2AI score0.20237EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.4 views

file: cdf_unpack_summary_info() excessive looping DoS

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

5CVSS7.2AI score0.19877EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.8 views

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.2AI score0.20237EPSS
Exploits2References4
Check Point Advisories
Check Point Advisories
added 2014/10/26 12:0 a.m.8 views

PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587)

A denial of service vulnerability exists in PHP. It is due to an integer overflow error in the FileInfo module while processing CDF files. A remote attacker can exploit the vulnerability by sending crafted CDF files to a web application running a vulnerable version of PHP...

4.3CVSS5.2AI score0.20237EPSS
Exploits1
Rows per page
Query Builder