CVE-2014-3478: Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoulas File

Severity
NVD: 6.5 MEDIUM
OSV: 5.0
EPSS: 25.3% (top 3.79%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jul 9
Latest update: May 17

Description

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 | Impact: 3.6

Affected Packages (5 packages)

Debian | file_project/file | < 1:5.19-1+3
Ubuntu | file_project/file | < 1:5.14-2ubuntu3.1
Ubuntu | php5/php5 | < 5.5.9+dfsg-1ubuntu4.3
NVD | php/php | 5.4.29 +43

Patches

🔴 Vulnerability Details (5)

GHSA: GHSA-h772-f5rg-qrvv: Buffer overflow in the mconvert function in softmagic (2022-05-17)
OSV: file vulnerabilities (2014-07-15)
OSV: CVE-2014-3478: Buffer overflow in the mconvert function in softmagic (2014-07-09)
CVEList: CVE-2014-3478: Buffer overflow in the mconvert function in softmagic (2014-07-09)
OSV: php5 vulnerabilities (2014-07-09)

📋 Vendor Advisories (5)

Ubuntu: file vulnerabilities (2014-07-15)
Ubuntu: PHP vulnerabilities (2014-07-09)
Red Hat: file: mconvert incorrect handling of truncated pascal string size (2014-06-27)
Debian: CVE-2014-3478: file - Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as ... (2014)
Apple: CVE-2014-3478: OS X Yosemite v10.10.3 and Security Update 2015-004

🕵️ Threat Intelligence (1)

Tenable: [R6] SecurityCenter Affected by Multiple Third-party Library Vulnerabilities (2014-07-16)

💬 Community (3)

Bugzilla: CVE-2014-3478 file: mconvert incorrect handling of truncated pascal string size [fedora-all] (2014-06-30)
Bugzilla: CVE-2014-3478 php: file: mconvert incorrect handling of truncated pascal string size [fedora-all] (2014-06-30)
Bugzilla: CVE-2014-3478 file: mconvert incorrect handling of truncated pascal string size (2014-06-04)
CVE-2014-3478 — Christos Zoulas File vulnerability | cvebase