CVE-2014-0237
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.3070 (30.7%)
Percentil: 96.7%
EPSS: 2026-05-06
Afecta
php:phpdebian:debian_linuxDescripción técnica
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
Publicada: 1/6/2014, 4:29:34
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html
- http://rhn.redhat.com/errata/RHSA-2014-1765.html
- http://rhn.redhat.com/errata/RHSA-2014-1766.html
- http://secunia.com/advisories/59061
- http://secunia.com/advisories/59329
- http://secunia.com/advisories/59418
- http://secunia.com/advisories/60998