Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-3478
Description:Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.
Test IDs: 1.3.6.1.4.1.25623.1.0.702974   1.3.6.1.4.1.25623.1.0.122739   1.3.6.1.4.1.25623.1.1.4.2014.0938.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-3478
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 68239
http://www.securityfocus.com/bid/68239
Debian Security Information: DSA-2974 (Google Search)
http://www.debian.org/security/2014/dsa-2974
Debian Security Information: DSA-3021 (Google Search)
http://www.debian.org/security/2014/dsa-3021
HPdes Security Advisory: HPSBUX03102
http://marc.info/?l=bugtraq&m=141017844705317&w=2
HPdes Security Advisory: SSRT101681
http://marc.info/?l=bugtraq&m=141017844705317&w=2
http://mx.gw.com/pipermail/file/2014/001553.html
RedHat Security Advisories: RHSA-2014:1327
http://rhn.redhat.com/errata/RHSA-2014-1327.html
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RedHat Security Advisories: RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://secunia.com/advisories/59794
http://secunia.com/advisories/59831
SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html




© 1998-2024 E-Soft Inc. All rights reserved.