Description

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

Remediation

References

CVE-2014-0207

Related Vulnerabilities

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029)

Oracle Database Server CVE-2013-1554 Vulnerability (CVE-2013-1554)

Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-39162)

Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053)

WebLogic Improper Access Control Vulnerability (CVE-2019-2729)

Severity

Medium

Classification

CVE-2014-0207 CWE-119

Tags

Missing Update Known Vulnerabilities