Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : php5 vulnerabilities (USN-2126-1)

Bernd Melchers discovered that PHP's embedded libmagic library incorrectly handled indirect offset values. An attacker could use this issue to cause PHP to consume resources or crash, resulting in a denial of service. CVE-2014-1943 It was discovered that PHP incorrectly handled certain values whe...

Ubuntu Update for php5 USN-2126-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN21261.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for php5 USN-2126-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

Ubuntu: Security Advisory (USN-2126-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2126-1: PHP vulnerabilities

Bernd Melchers discovered that PHP's embedded libmagic library incorrectly handled indirect offset values. An attacker could use this issue to cause PHP to consume resources or crash, resulting in a denial of service. CVE-2014-1943 It was discovered that PHP incorrectly handled certain values whe...

Debian DSA-2868-1 : php5 - denial of service

It was discovered that file, a file type classification tool, contains a flaw in the handling of 'indirect' magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files. The Common Vulnerabilities and Exposures project ID...

[SECURITY] [DSA 2868-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2868-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 02, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2868-1 (php5 - denial of service)

It was discovered that file, a file type classification tool, contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files. The Common Vulnerabilities and Exposures project ID...

Debian: Security Advisory (DSA-2868-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2861-1] file security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2861-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 16, 2014 http://www.debian.org/security/faq -...

Debian DSA-2861-1 : file - denial of service

It was discovered that file, a file type classification tool, contains a flaw in the handling of 'indirect' magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files. The Common Vulnerabilities and Exposures project ID...

Debian: Security Advisory (DSA-2861-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service invalid pointer dereference and application crash via an MP3 file that triggers incorrect MIME type detection during access to an finfo object...

CVE-2012-1571

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference...

DEBIAN-CVE-2012-1571

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference...

CVE-2012-1571

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference...

CVE-2012-1571

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference...

CVE-2012-1571

CVE-2012-1571 describes DoS via crafted CDF files that trigger out-of-bounds read or invalid pointer dereference in the File Information (fileinfo) component (libmagic) used by file and PHP. Public Advisories confirm the issue arises from an incomplete fix and that affected products include the f...

PT-2012-1066

Name of the Vulnerable Software and Affected Versions file versions prior to 5.11 libmagic versions prior to 5.11 Description The issue is related to multiple vulnerabilities in the file package, which can lead to a denial of service crash when a crafted Composite Document File CDF is processed...

Debian Security Advisory DSA 2422-1 (file)

The remote host is missing an update to file announced via advisory DSA 2422-1. OpenVAS Vulnerability Test $Id: deb24221.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2422-1 file Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian Security Advisory DSA 2422-1 (file)

The remote host is missing an update to file announced via advisory DSA 2422-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...