Description

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

Remediation

References

CVE-2014-0237

Related Vulnerabilities

OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)

WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Cross-Site Scripting (1.7.9)

PHP Other Vulnerability (CVE-2002-0986)

Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445)

MySQL CVE-2013-2381 Vulnerability (CVE-2013-2381)

Severity

Medium

Classification

CVE-2014-0237

Tags

Missing Update Known Vulnerabilities