CVE-2014-0238

Published: 1 June 2014

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

Priority

Status

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	lucid	Released (5.3.2-1ubuntu4.25)
	precise	Released (5.3.10-1ubuntu3.12)
	saucy	Released (5.5.3+dfsg-1ubuntu2.4)
	trusty	Released (5.5.9+dfsg-1ubuntu4.1)
	upstream	Released (5.5.13)
	Patches: upstream: http://git.php.net/?p=php-src.git;a=commit;h=22736b7c56d678f142d5dd21f4996e5819507a2b other: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0

References

http://www.php.net/ChangeLog-5.php
https://ubuntu.com/security/notices/USN-2254-1
https://www.cve.org/CVERecord?id=CVE-2014-0238
NVD
Launchpad
Debian

Bugs

https://bugs.php.net/bug.php?id=67327
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0238

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›