Description
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
Remediation
References
Related Vulnerabilities
WordPress 3.4.1 Multiple Vulnerabilities (2.0 - 3.4.1)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2335)
SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070)
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288)
Oracle Database Server CVE-2015-2595 Vulnerability (CVE-2015-2595)