5

CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version >= 5.4.0 < 5.4.26
PhpPhp Version >= 5.5.0 < 5.5.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version12.04 SwEdition-
CanonicalUbuntu Linux Version12.10
CanonicalUbuntu Linux Version13.10
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.07% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

http://www.php.net/ChangeLog-5.php
Vendor Advisory
Release Notes
http://www.ubuntu.com/usn/USN-2123-1
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1765.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2126-1
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html
Mailing List
Tool Signature
http://lists.opensuse.org/opensuse-updates/2014-03/msg00037.html
Mailing List
Tool Signature
http://mx.gw.com/pipermail/file/2014/001327.html
Broken Link
http://mx.gw.com/pipermail/file/2014/001330.html
Broken Link
http://mx.gw.com/pipermail/file/2014/001334.html
Broken Link
http://mx.gw.com/pipermail/file/2014/001337.html
Broken Link
http://support.apple.com/kb/HT6443
Third Party Advisory
http://www.debian.org/security/2014/dsa-2861
Third Party Advisory
http://www.debian.org/security/2014/dsa-2868
Third Party Advisory
https://github.com/glensc/file/blob/FILE5_17/ChangeLog
Third Party Advisory
Release Notes