PHP CDF Processing Vulnerability
Last Update Date:
4 Jun 2014 09:12
Release Date:
4 Jun 2014
4019
Views
RISK: Medium Risk
TYPE: Servers - Web Servers
Two vulnerabilities were identified in PHP. A remote user can cause denial of service conditions.
- A remote user can send a specially crafted CDF file to cause performance degradation via file_printf() calls.
- A remote user can send a specially crafted CDF file to trigger an infinite loop.
Impact
- Denial of Service
System / Technologies affected
- prior to versions 5.4.29, 5.5.13
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (5.4.29, 5.5.13).
http://www.php.net/ChangeLog-5.php#5.5.13
Vulnerability Identifier
Source
Related Link
Share with