Description
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
Remediation
References
Related Vulnerabilities
qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881)
WordPress Plugin RSVPMaker SQL Injection (7.8.1)
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.42)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.28)
WordPress Plugin Integration for Gravity Forms and Pipedrive Cross-Site Scripting (1.0.6)