The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable
Source: MITRE
Max CVSS
7.5
EPSS Score
0.79%
Published
2014-12-31
Updated
2024-05-17
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Source: MITRE
Max CVSS
7.5
EPSS Score
6.63%
Published
2014-12-31
Updated
2022-08-04
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding.
Source: Red Hat, Inc.
Max CVSS
7.5
EPSS Score
8.00%
Published
2014-11-23
Updated
2015-04-30
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.
Source: MITRE
Max CVSS
4.6
EPSS Score
0.29%
Published
2014-07-10
Updated
2023-01-19
Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.
Source: MITRE
Max CVSS
4.6
EPSS Score
0.25%
Published
2014-07-10
Updated
2017-01-07
Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
Source: MITRE
Max CVSS
5.1
EPSS Score
94.81%
Published
2014-06-18
Updated
2022-08-29
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
4.24%
Published
2014-11-05
Updated
2022-11-05
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.
Source: Red Hat, Inc.
Max CVSS
6.8
EPSS Score
26.92%
Published
2014-10-29
Updated
2016-10-18
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.
Source: Red Hat, Inc.
Max CVSS
7.5
EPSS Score
93.74%
Published
2014-10-29
Updated
2017-01-03
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
13.20%
Published
2014-10-29
Updated
2016-10-18
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
Source: Red Hat, Inc.
Max CVSS
6.8
EPSS Score
2.80%
Published
2014-08-23
Updated
2017-01-07
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
Source: Red Hat, Inc.
Max CVSS
4.3
EPSS Score
7.96%
Published
2014-08-23
Updated
2018-01-05
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
1.78%
Published
2014-07-03
Updated
2023-01-19
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
Source: Red Hat, Inc.
Max CVSS
4.3
EPSS Score
1.57%
Published
2014-07-09
Updated
2022-10-28
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
Source: Red Hat, Inc.
Max CVSS
4.3
EPSS Score
0.69%
Published
2014-07-09
Updated
2022-10-28
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.
Source: Red Hat, Inc.
Max CVSS
4.3
EPSS Score
0.69%
Published
2014-07-09
Updated
2022-10-28
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
15.66%
Published
2014-07-09
Updated
2016-11-28
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Source: MITRE
Max CVSS
4.3
EPSS Score
0.98%
Published
2014-03-21
Updated
2022-09-28
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
Source: Debian GNU/Linux
Max CVSS
4.3
EPSS Score
95.86%
Published
2014-03-14
Updated
2022-10-28
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
Source: MITRE
Max CVSS
5.0
EPSS Score
5.78%
Published
2014-02-18
Updated
2022-10-31
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
9.77%
Published
2014-06-01
Updated
2022-10-31
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
4.25%
Published
2014-06-01
Updated
2023-01-19
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
Source: Red Hat, Inc.
Max CVSS
4.3
EPSS Score
0.85%
Published
2014-07-09
Updated
2022-09-28
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
Source: MITRE
Max CVSS
5.0
EPSS Score
0.44%
Published
2014-03-24
Updated
2022-10-31
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
Source: MITRE
Max CVSS
5.8
EPSS Score
0.83%
Published
2014-02-18
Updated
2014-03-08
27 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!