file prior to 5.18, as used in the Fileinfo component in PHP prior to 5.6.0, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |