Description
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
Remediation
References
Related Vulnerabilities
WordPress CVE-2016-5832 Vulnerability (CVE-2016-5832)
WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)
WebLogic CVE-2021-35620 Vulnerability (CVE-2021-35620)
WordPress Plugin WPtouch Arbitrary File Upload (3.4.6)
WordPress Plugin Contact Form DB Cross-Site Scripting (2.10.29)