readelf.c in file prior to 5.22, as used in the Fileinfo component in PHP prior to 5.4.37, 5.5.x prior to 5.5.21, and 5.6.x prior to 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote malicious users to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
file project file |
||
php php |
||
php php 5.5.0 |
||
php php 5.5.12 |
||
php php 5.5.13 |
||
php php 5.5.2 |
||
php php 5.5.20 |
||
php php 5.6.0 |
||
php php 5.6.1 |
||
php php 5.5.14 |
||
php php 5.5.15 |
||
php php 5.5.3 |
||
php php 5.5.4 |
||
php php 5.5.5 |
||
php php 5.6.2 |
||
php php 5.6.3 |
||
php php 5.5.10 |
||
php php 5.5.11 |
||
php php 5.5.18 |
||
php php 5.5.19 |
||
php php 5.5.8 |
||
php php 5.5.9 |
||
php php 5.5.1 |
||
php php 5.5.16 |
||
php php 5.5.17 |
||
php php 5.5.6 |
||
php php 5.5.7 |
||
php php 5.6.4 |
||
debian debian linux 7.0 |