Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2014-3487

Malicious code in bioql PyPI...

5CVSS8.4AI score0.15176EPSS
Exploits1References30
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3478

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service application crash via a crafted Pascal string in a FILEPSTRING conversion...

6.5CVSS8.3AI score0.15176EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.5 views

SUSE CVE-2014-9652

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...

5CVSS7AI score0.05489EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2015:0436-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.53166EPSS
Exploits51References54
Veracode
Veracode
added 2019/05/02 5:4 a.m.24 views

Denial Of Service (DoS)

php is vulnerable to denial of service DoS. The vulnerability exists through a buffer overflow issue in the mconvert function in softmagic.c, where parsing a Pascal string in a FILEPSTRING conversion would cause a DoS attack...

5CVSS7AI score0.15176EPSS
Exploits1References21Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of the PHP interpreter allows a remote attacker to gain access to memory areas beyond the application’s boundaries, or cause the application to terminate abnormally.

The vulnerability of the PHP interpreter in the mconvert function located in the Fileinfo component’s script, softmagic.c causes an error in the pointer to the field that stores the length of the string under certain copy scenarios. As a result, a malicious actor can gain access to memory areas...

5CVSS6.7AI score0.05489EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

Overfilling the buffer in the mconvert function in softmagic.c, within the Fileinfo component for PHP, allows malicious individuals operating remotely to cause a service failure abrupt termination of the application, by using specially crafted strings in the FILEPSTRING transformations...

5CVSS7.7AI score0.15176EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2015/11/19 3:39 a.m.4 views

file: out of bounds read in mconvert()

An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility for example, PHP using the fileinfo module to crash if it was used to identify the type of the attacker-supplied file...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/06/23 8:11 a.m.4 views

file: out of bounds read in mconvert()

An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility for example, PHP using the fileinfo module to crash if it was used to identify the type of the attacker-supplied file...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/06/04 8:6 a.m.3 views

file: out of bounds read in mconvert()

An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility for example, PHP using the fileinfo module to crash if it was used to identify the type of the attacker-supplied file...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/06/04 8:2 a.m.7 views

file: out of bounds read in mconvert()

An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility for example, PHP using the fileinfo module to crash if it was used to identify the type of the attacker-supplied file...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
Prion
Prion
added 2015/03/30 10:59 a.m.33 views

Out-of-bounds

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...

5CVSS6.9AI score0.05489EPSS
Exploits0References21Affected Software2
Debian CVE
Debian CVE
added 2015/03/30 10:0 a.m.25 views

CVE-2014-9652

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...

5CVSS7.4AI score0.05489EPSS
Exploits0
CVE
CVE
added 2015/03/30 10:0 a.m.209 views

CVE-2014-9652

CVE-2014-9652 affects the Fileinfo component’s mconvert path (softmagic.c) used by PHP’s fileinfo. The vulnerability arises from improper handling of a string-length field when copying a truncated Pascal string, potentially allowing a remote attacker to cause a denial of service via out-of-bounds...

5CVSS6.7AI score0.05489EPSS
Exploits0References21Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/03/09 12:0 a.m.52 views

openSUSE Security Update : php5 (openSUSE-2015-203)

php5 was updated to fix two security issues. These security issues were fixed : - CVE-2014-9652: Out of bounds read in mconvert bnc917150. - CVE-2015-0273: Use after free vulnerability in unserialize with DateTimeZone bnc918768. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

7.5CVSS6.8AI score0.41315EPSS
Exploits9References4
OPENSUSE Linux
OPENSUSE Linux
added 2015/03/06 11:4 a.m.62 views

Security update for php5 (important)

php5 was updated to fix two security issues. These security issues were fixed: - CVE-2014-9652: Out of bounds read in mconvert bnc917150. - CVE-2015-0273: Use after free vulnerability in unserialize with DateTimeZone bnc918768...

7.5CVSS2.4AI score0.41315EPSS
Exploits9References2
OSV
OSV
added 2015/01/08 12:0 a.m.3 views

UBUNTU-CVE-2014-9652

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...

5CVSS7.3AI score0.05489EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.44 views

Amazon Linux AMI : file (ALAS-2014-382)

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. Buffer overflow in the mconvert function in...

6.5CVSS7.7AI score0.20805EPSS
Exploits3References9
OSV
OSV
added 2014/07/09 11:7 a.m.1 views

DEBIAN-CVE-2014-3478

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service application crash via a crafted Pascal string in a FILEPSTRING conversion...

6.5CVSS7.1AI score0.15176EPSS
Exploits1References1
NVD
NVD
added 2014/07/09 11:7 a.m.23 views

CVE-2014-3478

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service application crash via a crafted Pascal string in a FILEPSTRING conversion...

6.5CVSS7.1AI score0.15176EPSS
Exploits1References19
Rows per page
Query Builder