Vulnerability & Exploit Database

Displaying entries 1 - 10 of 24 in total

Results for: CVE-2014-3487 Back to search

RHSA-2015:2155: file security and bug fix update Vulnerability

  • Severity: 8
  • Published: March 30, 2015

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.Multiple denial of service flaws were found in the way file parsed c...

ELSA-2015-2155 Moderate: Oracle Linux file security and bug fix update Vulnerability

  • Severity: 8
  • Published: March 30, 2015

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified ot...

RHSA-2014:1766: php55-php security update Vulnerability

  • Severity: 8
  • Published: October 29, 2014

Updated php55-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the...

RHSA-2014:1765: php54-php security update Vulnerability

  • Severity: 8
  • Published: October 29, 2014

Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the...

SUSE: CVE-2014-3487: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

PHP Vulnerability: CVE-2014-3487 Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

Oracle Solaris 11: CVE-2014-3487: Vulnerability in PHP Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

RHSA-2014:1013: php security update Vulnerability

  • Severity: 8
  • Published: July 09, 2014

PHP is an HTML-embedded scripting language commonly used with the ApacheHTTP Server. PHP's fileinfo module provides functions used to identify aparticular file according to the type of data contained by the file.A denial of service flaw was found in the File Information (fileinfo)extension rules for detecting AWK files. A remote attacker...

ELSA-2014-1013 Moderate: Oracle Linux php security update Vulnerability

  • Severity: 8
  • Published: July 09, 2014

The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayO...

Cent OS: CVE-2014-3487: CESA-2014:1013 (php) Vulnerability

  • Severity: 4
  • Published: July 09, 2014

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.