CVE-2014-0238Improper Restriction of Operations within the Bounds of a Memory Buffer in PHP

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-835Infinite Loop14 documents9 sources
Severity
5.0MEDIUMNVD
OSV7.2
EPSS
26.2%
top 3.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
File Project FilePHPPhp5+1 more
Timeline
PublishedJun 1
Latest updateMay 17

Description

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

NVDphp/php5.4.05.4.29+2
Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.1+1
Debianfile_project/file< 1:5.19-1+3

Also affects: Debian Linux 7.0, 8.0

Patches

Patch: bugs.php.netPatch: github.comPatch: bugs.php.net

🔴Vulnerability Details

5
GHSA
GHSA-9qpg-75cw-6c38: The cdf_read_property_info function in cdf2022-05-17
OSV
php5 updates2014-06-25
OSV
php5 vulnerabilities2014-06-23
CVEList
CVE-2014-0238: The cdf_read_property_info function in cdf2014-06-01
OSV
CVE-2014-0238: The cdf_read_property_info function in cdf2014-06-01

📋Vendor Advisories

4
Ubuntu
PHP vulnerabilities2014-06-23
Red Hat
file: CDF property info parsing nelements infinite loop2014-05-29
Debian
CVE-2014-0238: file - The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP be...2014
Apple
CVE-2014-0238: OS X Yosemite v10.10.3 and Security Update 2015-004

💬Community

4
Bugzilla
CVE-2014-0237 CVE-2014-0238 file: various flaws [fedora-all]2014-06-02
Bugzilla
CVE-2014-0237 CVE-2014-0238 php: various flaws [fedora-all]2014-06-02
Bugzilla
CVE-2014-0237 file: cdf_unpack_summary_info() excessive looping DoS2014-05-15
Bugzilla
CVE-2014-0238 file: CDF property info parsing nelements infinite loop2014-05-15
CVE-2014-0238 — PHP vulnerability | cvebase