The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x prior to 5.4.16 allows remote malicious users to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 5.4.4 |
||
php php 5.4.11 |
||
php php 5.4.9 |
||
php php 5.4.14 |
||
php php 5.4.3 |
||
php php 5.4.0 |
||
php php 5.4.1 |
||
php php 5.4.2 |
||
php php 5.4.7 |
||
php php 5.4.6 |
||
php php 5.4.5 |
||
php php 5.4.12 |
||
php php 5.4.10 |
||
php php 5.4.8 |
||
php php 5.4.13 |
||
php php 5.4.15 |