CVE-2014-0237

Priority
Description
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in
PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause
a denial of service (performance degradation) by triggering many
file_printf calls.
Assigned-to
mdeslaur
Notes
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.5.13)
Ubuntu 14.04 ESM (Trusty Tahr):released (5.5.9+dfsg-1ubuntu4.1)
Patches:
Upstream:http://git.php.net/?p=php-src.git;a=commit;h=68ce2d0ea6da79b12a365e375e1c2ce882c77480
Other:https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
More Information

Updated: 2020-01-29 19:48:48 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)