CVE-2014-3478

Good to know:

icon

Date: July 9, 2014

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Buffer Errors

CWE-119

Top Fix

icon

Upgrade Version

Upgrade to version 5.19,5.4.30,5.5.14

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us