The donote function in readelf.c in file up to and including 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |