Description
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2013-1554 Vulnerability (CVE-2013-1554)
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-39162)
Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053)
WebLogic Improper Access Control Vulnerability (CVE-2019-2729)