The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8, does not properly restrict a certain offset value, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
php php 5.6.1 |
||
php php 5.6.5 |
||
php php |
||
php php 5.5.19 |
||
php php 5.5.0 |
||
php php 5.5.16 |
||
php php 5.6.0 |
||
php php 5.5.1 |
||
php php 5.5.5 |
||
php php 5.6.4 |
||
php php 5.5.21 |
||
php php 5.6.6 |
||
php php 5.5.17 |
||
php php 5.5.14 |
||
php php 5.5.7 |
||
php php 5.6.2 |
||
php php 5.5.12 |
||
php php 5.5.6 |
||
php php 5.6.7 |
||
php php 5.5.3 |
||
php php 5.5.23 |
||
php php 5.5.8 |
||
php php 5.5.15 |
||
php php 5.5.11 |
||
php php 5.5.13 |
||
php php 5.5.4 |
||
php php 5.5.10 |
||
php php 5.6.3 |
||
php php 5.5.22 |
||
php php 5.5.18 |
||
php php 5.5.20 |
||
php php 5.5.2 |
||
php php 5.5.9 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux hpc node 7.0 |
||
redhat enterprise linux server eus 7.1 |
||
redhat enterprise linux hpc node eus 7.1 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 6.0 |
Vulmon