Vulnerability & Exploit Database

Displaying entries 1 - 10 of 39 in total

Results for: CVE-2014-0207

RHSA-2015:2155: file security and bug fix update Vulnerability

  • Severity: 8
  • Published: March 30, 2015

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed c...

ELSA-2015-2155 Moderate: Oracle Linux file security and bug fix update Vulnerability

  • Severity: 8
  • Published: March 30, 2015

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified ot...

SUSE: CVE-2014-9029: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 08, 2014

Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.

RHSA-2014:1766: php55-php security update Vulnerability

  • Severity: 8
  • Published: October 29, 2014

Updated php55-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the...

RHSA-2014:1765: php54-php security update Vulnerability

  • Severity: 8
  • Published: October 29, 2014

Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the...

SUSE Linux Security Advisory: SUSE-SU-2014:1100-1 Vulnerability

  • Severity: 10
  • Published: September 03, 2014

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incor...

SUSE: CVE-2014-0207: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

PHP Vulnerability: CVE-2014-0207 Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

Oracle Solaris 11: CVE-2014-0207: Vulnerability in PHP Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

RHSA-2014:1013: php security update Vulnerability

  • Severity: 8
  • Published: July 09, 2014

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker...