CVE-2014-9652
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
30/03/2015
Last modified:
12/04/2025
Description
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:php:php:*:*:*:*:*:*:*:* | 5.4.36 (including) | |
| cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugs.gw.com/view.php?id=398
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://openwall.com/lists/oss-security/2015/02/05/12
- http://php.net/ChangeLog-5.php
- http://rhn.redhat.com/errata/RHSA-2015-1053.html
- http://rhn.redhat.com/errata/RHSA-2015-1066.html
- http://rhn.redhat.com/errata/RHSA-2015-1135.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72505
- https://bugs.php.net/bug.php?id=68735
- https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079
- https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
- https://security.gentoo.org/glsa/201701-42
- https://support.apple.com/HT205267
- http://bugs.gw.com/view.php?id=398
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://openwall.com/lists/oss-security/2015/02/05/12
- http://php.net/ChangeLog-5.php
- http://rhn.redhat.com/errata/RHSA-2015-1053.html
- http://rhn.redhat.com/errata/RHSA-2015-1066.html
- http://rhn.redhat.com/errata/RHSA-2015-1135.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72505
- https://bugs.php.net/bug.php?id=68735
- https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079
- https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
- https://security.gentoo.org/glsa/201701-42
- https://support.apple.com/HT205267