CVE-2014-0207

2014-07-09T00:00:00
ID UB:CVE-2014-0207
Type ubuntucve
Reporter ubuntu.com
Modified 2014-07-09T00:00:00

Description

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

Bugs

  • <https://bugs.php.net/bug.php?id=67326>

Notes

Author| Note
---|---
seth-arnold | The php5 patch has only the security fix, prefer it for file as well