Lucene search
K

4 matches found

CVE
CVE
added 2014/07/09 10:0 a.m.295 views

CVE-2014-3479

CVE-2014-3479 affects the Fileinfo component in PHP (cdf_check_stream_offset in cdf.c) and can trigger a remote denial of service (application crash) by crafting a CDF stream offset. It is tied to PHP versions before 5.4.30 and 5.5.x before 5.5.14 due to incorrect sector-size data. The issue is d...

4.3CVSS8.9AI score0.14927EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.291 views

CVE-2014-3480

The CVE-2014-3480 entry concerns a flaw in the cdf_count_chain function of cdf.c used by PHP’s Fileinfo component. The issue stems from inadequate validation of sector-count data in CDF files, enabling a remote attacker to trigger a denial of service (application crash) by supplying a crafted CDF...

6.5CVSS8.9AI score0.11481EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.280 views

CVE-2014-3487

CVE-2014-3487 is a vulnerability in PHP’s Fileinfo (cdf_read_property_info in cdf.c) where the Fileinfo component fails to validate a stream offset in CDF files. A crafted CDF file can cause a DoS (application crash) on PHP builds using file before 5.19, specifically affecting PHP 5.4.30 and 5.5....

4.3CVSS8.8AI score0.14927EPSS
CVE
CVE
added 2014/03/14 3:0 p.m.205 views

CVE-2014-2270

CVE-2014-2270 affects the file/libmagic implementation (softmagic.c) prior to version 5.17. A crafted PE executable can trigger an out-of-bounds memory access in the softmagic data, enabling a context-dependent attacker to cause a denial-of-service (crash). Public advisories describe the impact a...

4.3CVSS5.6AI score0.04318EPSS