The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
References
Configurations
History
19 Jan 2023, 15:44
Type | Values Removed | Values Added |
---|---|---|
References | (APPLE) http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/HT204659 - Third Party Advisory | |
References | (CONFIRM) https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d - Patch, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/59061 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/60998 - Third Party Advisory | |
References | (CONFIRM) http://www-01.ibm.com/support/docview.wss?uid=swg21683486 - Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2014/dsa-3021 - Third Party Advisory | |
References | (CONFIRM) http://support.apple.com/kb/HT6443 - Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2014-1766.html - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/67759 - Third Party Advisory, VDB Entry | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2014-1765.html - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/59329 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/59418 - Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html - Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html - Third Party Advisory | |
First Time |
Debian
Debian debian Linux |
|
CPE | cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.26:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.25:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.27:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.22:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.24:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.23:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:* cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:* cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:* cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:* |
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
Information
Published : 2014-06-01 04:29
Updated : 2023-12-10 11:31
NVD link : CVE-2014-0237
Mitre link : CVE-2014-0237
CVE.ORG link : CVE-2014-0237
JSON object : View
Products Affected
debian
- debian_linux
php
- php
CWE
CWE-399
Resource Management Errors