Skip to content
Commit 700078d6 authored by Yue Tao's avatar Yue Tao Committed by Martin Jansa
Browse files

modphp: Security Advisory - php - CVE-2014-3587 

Integer overflow in the cdf_read_property_info function in cdf.c in file
through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and
5.5.x before 5.5.16, allows remote attackers to cause a denial of
service (application crash) via a crafted CDF file. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2012-1571.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3587



Signed-off-by: default avatarYue Tao <Yue.Tao@windriver.com>
Signed-off-by: default avatarMartin Jansa <Martin.Jansa@gmail.com>
parent 81aecee0
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment