Description

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

Remediation

References

CVE-2014-0237

Related Vulnerabilities

WordPress Plugin Gallery Objects SQL Injection (0.4)

WordPress Plugin SearchWP Live Ajax Search Directory Traversal (1.6.2)

WordPress Plugin WP Inventory Manager Cross-Site Scripting (1.7.8)

Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)

WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)

Severity

Medium

Classification

CVE-2014-0237

Tags

Missing Update Known Vulnerabilities