Description

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

Remediation

References

CVE-2014-0237

Related Vulnerabilities

WebLogic CVE-2018-3250 Vulnerability (CVE-2018-3250)

Ampache Improper Authentication Vulnerability (CVE-2007-4438)

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)

WordPress Plugin Advanced Forms for ACF Pro Security Bypass (1.6.8)

MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-4098)

Severity

Medium

Classification

CVE-2014-0237

Tags

Missing Update Known Vulnerabilities