Lucene search
UbuntuUSN-2163-1HistoryApr 07, 2014 - 12:00 a.m.
PHP vulnerability
2014-04-0700:00:00
ubuntu.com
20
6.4 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.959 High
EPSS
Percentile
99.4%
Releases
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- php5 - HTML-embedded scripting language interpreter
Details
It was discovered that PHPβs embedded libmagic library incorrectly handled
PE executables. An attacker could use this issue to cause PHP to crash,
resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | php5-cli | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libapache2-mod-php5 | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libapache2-mod-php5filter | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libphp5-embed | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-cgi | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-common | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-curl | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-dbg | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-dev | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-enchant | <Β 5.5.3+dfsg-1ubuntu2.3 | UNKNOWN |
References
Related
nessus
nessus
openSUSE Security Update : file (openSUSE-SU-2014:0435-1)
2014-06-13 00:00:00
Fedora 19 : file-5.11-13.fc19 (2014-3589)
2014-03-27 00:00:00
openvas
openvas
Ubuntu Update for file USN-2162-1
2014-04-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0123)
2022-01-28 00:00:00
Ubuntu Update for php5 USN-2163-1
2014-04-08 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Out-of-Bounds Access
2018-08-13 18:00:16
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
prion
prion
Out-of-bounds
2014-03-14 15:55:00
checkpoint_advisories
checkpoint_advisories
PHP Libmagic Portable Executable Out-Of-Bounds Memory Access (CVE-2014-2270)
2014-05-18 00:00:00
cve
cve
CVE-2014-2270
2014-03-14 15:55:00
freebsd
freebsd
file -- out-of-bounds access in search rules with offsets from input file
2013-12-20 00:00:00
FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3)
2014-06-24 00:00:00
osv
osv
file - several
2014-03-11 00:00:00
php5 - security update
2014-06-01 00:00:00
php5 - security update
2015-01-31 00:00:00
ubuntu
ubuntu
file vulnerability
2014-04-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-2270
2014-03-14 00:00:00
seebug
seebug
PHP Fileinfoη»δ»ΆθΆηε
εη ΄εζΌζ΄
2014-03-12 00:00:00
debian
debian
[SECURITY] [DSA 2873-1] file security update
2014-03-11 21:09:54
[SECURITY] [DSA 2873-1] file security update
2014-03-11 21:09:54
[SECURITY] [DSA 2943-1] php5 security update
2014-06-01 08:38:03
debiancve
debiancve
CVE-2014-2270
2014-03-14 15:55:00
mageia
mageia
Updated file packages fix CVE-2014-2270
2014-03-07 18:18:43
Updated php packages fix security vulnerabilities
2014-04-04 21:33:24
Updated php packages fix security vulnerabilities
2014-04-04 16:08:18
securityvulns
securityvulns
[SECURITY] [DSA 2873-1] file security update
2014-03-13 00:00:00
file utility / libmagic / PHP DoS
2014-05-04 00:00:00
[ MDVSA-2014:059 ] php
2014-03-18 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: file-5.11-13.fc19
2014-03-27 04:47:52
[SECURITY] Fedora 20 Update: file-5.14-17.fc20
2014-03-12 12:31:06
[SECURITY] Fedora 20 Update: php-5.5.10-1.fc20
2014-03-09 04:40:51
f5
f5
K15689 : Fine Free file vulnerabilites CVE-2014-1943 and CVE-2014-2270
2014-10-09 00:00:00
SOL15689 - Fine Free file vulnerabilites CVE-2014-1943 and CVE-2014-2270
2014-10-09 00:00:00
amazon
amazon
Medium: php54
2014-03-24 23:37:00
Important: php55
2014-03-24 23:37:00
gentoo
gentoo
file: Denial of service
2015-03-16 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:16.file
2014-06-24 00:00:00
redhat
redhat
(RHSA-2014:1606) Moderate: file security and bug fix update
2014-10-14 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1765) Important: php54-php security update
2014-10-30 00:00:00
oraclelinux
oraclelinux
file security and bug fix update
2014-10-15 00:00:00
php53 and php security update
2014-08-06 00:00:00
centos
centos
file, python security update
2014-10-20 18:08:44
php, php53 security update
2014-08-06 14:53:37
6.4 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.959 High
EPSS
Percentile
99.4%
Related for USN-2163-1