CVE-2014-9427 (retired)

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x
through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php
file, does not properly consider the mapping's length during processing of
an invalid file that begins with a # character and lacks a newline
character, which causes an out-of-bounds read and might (1) allow remote
attackers to obtain sensitive information from php-cgi process memory by
leveraging the ability to upload a .php file or (2) trigger unexpected code
execution if a valid PHP script is present in memory locations adjacent to
the mapping.
More Information

Updated: 2019-09-19 15:51:26 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)