Description
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Unspecified Vulnerability (2.4.17)
WordPress Plugin Polo Video Gallery-Best wordpress video gallery Cross-Site Scripting (1.2)
WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1)
WebLogic CVE-2020-14637 Vulnerability (CVE-2020-14637)
WordPress Plugin Ceceppa Multilingua Multiple Cross-Site Scripting Vulnerabilities (1.5.13)