SUSE: CVE-2014-3480: SUSE Linux Security Advisory
|4||(AV:N/AC:M/Au:N/C:N/I:N/A:P)||July 09, 2014||December 18, 2015||October 11, 2017|
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
- OS X update for Note: (CVE-2014-3480)
- OS X update for Admin Framework (CVE-2014-3480)
- Alpine Linux: CVE-2014-3480: php multiple issues fixed in new 5.5.14
- Oracle Solaris 11: CVE-2014-3480: Vulnerability in PHP
- OS X update for PHP (CVE-2014-3480)
- PHP Vulnerability: CVE-2014-3480
- OS X update for apache_mod_php (CVE-2014-3480)