The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
File | File_project | * | 5.19 (excluding) |
Php | Php | * | 5.3.29 (excluding) |
Php | Php | 5.4.0 (including) | 5.4.30 (excluding) |
Php | Php | 5.5.0 (including) | 5.5.14 (excluding) |
Red Hat Enterprise Linux 5 | RedHat | php53-0:5.3.3-23.el5_10 | * |
Red Hat Enterprise Linux 6 | RedHat | php-0:5.3.3-27.el6_5.1 | * |
Red Hat Enterprise Linux 6 | RedHat | file-0:5.04-21.el6 | * |
Red Hat Enterprise Linux 7 | RedHat | php-0:5.4.16-23.el7_0 | * |
Red Hat Enterprise Linux 7 | RedHat | file-0:5.11-31.el7 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 | RedHat | php54-php-0:5.4.16-22.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 | RedHat | php55-php-0:5.5.6-13.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS | RedHat | php54-php-0:5.4.16-22.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS | RedHat | php55-php-0:5.5.6-13.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS | RedHat | php54-php-0:5.4.16-22.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS | RedHat | php55-php-0:5.5.6-13.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS | RedHat | php54-php-0:5.4.16-22.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS | RedHat | php55-php-0:5.5.6-13.el6 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 | RedHat | php54-php-0:5.4.16-22.el7 | * |
Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 | RedHat | php55-php-0:5.5.6-13.el7 | * |
File | Ubuntu | devel | * |
File | Ubuntu | lucid | * |
File | Ubuntu | precise | * |
File | Ubuntu | saucy | * |
File | Ubuntu | trusty | * |
File | Ubuntu | upstream | * |
Php5 | Ubuntu | devel | * |
Php5 | Ubuntu | lucid | * |
Php5 | Ubuntu | precise | * |
Php5 | Ubuntu | saucy | * |
Php5 | Ubuntu | trusty | * |
Php5 | Ubuntu | upstream | * |