Design/Logic Flaw

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memor...

PT-2014-2040 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.5.21 PHP versions 5.6.x through 5.6.4 Description: The issue is related to a double free vulnerability in the zend ts hash graceful destroy function, which can be exploited by remote attackers to cause a denial of...