Search CVE reports


Toggle filters

91 – 100 of 134 results


CVE-2014-9426

Medium priority
Not affected

** DISPUTED ** The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-8117

Low priority
Fixed

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-8116

Medium priority
Fixed

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3710

Low priority
Fixed

The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3587

Low priority
Fixed

Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3487

Medium priority
Fixed

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3480

Medium priority
Fixed

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3479

Medium priority
Fixed

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-3478

Medium priority
Fixed

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash)...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages

CVE-2014-0207

Medium priority
Fixed

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure...

2 affected packages

file, php5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
file
php5
Show less packages