Integer overflow in the cdf_read_property_info function in cdf.c in file up to and including 5.19, as used in the Fileinfo component in PHP prior to 5.4.32 and 5.5.x prior to 5.5.16, allows remote malicious users to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
christos zoulas file 5.02 |
||
christos zoulas file 5.03 |
||
christos zoulas file 5.10 |
||
christos zoulas file 5.11 |
||
christos zoulas file 5.18 |
||
christos zoulas file |
||
php php 5.4.0 |
||
php php 5.4.12 |
||
php php 5.4.15 |
||
php php 5.4.16 |
||
php php 5.4.23 |
||
php php 5.4.24 |
||
php php 5.4.30 |
||
php php |
||
php php 5.5.9 |
||
php php 5.5.8 |
||
php php 5.5.14 |
||
php php 5.5.13 |
||
php php 5.5.0 |
||
christos zoulas file 5.00 |
||
christos zoulas file 5.01 |
||
christos zoulas file 5.08 |
||
christos zoulas file 5.09 |
||
christos zoulas file 5.16 |
||
christos zoulas file 5.17 |
||
php php 5.4.10 |
||
php php 5.4.11 |
||
php php 5.4.14 |
||
php php 5.4.20 |
||
php php 5.4.21 |
||
php php 5.4.22 |
||
php php 5.4.29 |
||
php php 5.4.3 |
||
php php 5.4.8 |
||
php php 5.4.9 |
||
php php 5.5.3 |
||
php php 5.5.2 |
||
php php 5.5.15 |
||
christos zoulas file 5.06 |
||
christos zoulas file 5.07 |
||
christos zoulas file 5.14 |
||
christos zoulas file 5.15 |
||
php php 5.4.1 |
||
php php 5.4.13 |
||
php php 5.4.19 |
||
php php 5.4.2 |
||
php php 5.4.27 |
||
php php 5.4.28 |
||
php php 5.4.6 |
||
php php 5.4.7 |
||
php php 5.5.5 |
||
php php 5.5.4 |
||
php php 5.5.10 |
||
php php 5.5.1 |
||
christos zoulas file 5.04 |
||
christos zoulas file 5.05 |
||
christos zoulas file 5.12 |
||
christos zoulas file 5.13 |
||
php php 5.4.17 |
||
php php 5.4.18 |
||
php php 5.4.25 |
||
php php 5.4.26 |
||
php php 5.4.4 |
||
php php 5.4.5 |
||
php php 5.5.7 |
||
php php 5.5.6 |
||
php php 5.5.12 |
||
php php 5.5.11 |