Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4636HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-4636
2022-10-0316:14:56
Debian Security Bug Tracker
security-tracker.debian.org
13
php 5.4.x
denial of service
mp3 file
mime type detection
fileinfo
remote attackers
invalid pointer dereference
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
60.3%
The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | file | < 1:5.44-3 | file_1:5.44-3_all.deb |
| Debian | 11 | all | file | < 1:5.39-3+deb11u1 | file_1:5.39-3+deb11u1_all.deb |
| Debian | 999 | all | file | < 1:5.45-3 | file_1:5.45-3_all.deb |
| Debian | 13 | all | file | < 1:5.45-3 | file_1:5.45-3_all.deb |
Related
openvas
openvas
PHP Denial of Service Vulnerability (Jun 2013) - Windows
2013-06-25 00:00:00
Gentoo Security Advisory GLSA 201408-11
2015-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2013-4636
2013-06-21 00:00:00
prion
prion
Design/Logic Flaw
2013-06-21 21:55:00
f5
f5
SOL15272 - PHP Vulnerability CVE-2013-4636
2014-05-19 00:00:00
K15272 : PHP Vulnerability CVE-2013-4636
2014-05-19 00:00:00
cvelist
cvelist
CVE-2013-4636
2022-10-03 16:14:56
cve
cve
CVE-2013-4636
2022-10-03 16:14:56
nvd
nvd
CVE-2013-4636
2013-06-21 21:55:01
nessus
nessus
PHP 5.4.x < 5.4.16 Multiple Vulnerabilities
2013-06-07 00:00:00
Oracle Solaris Third-Party Patch Update : php (cve_2013_4113_buffer_errors)
2015-01-19 00:00:00
GLSA-201408-11 : PHP: Multiple vulnerabilities
2014-08-30 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
60.3%
Related for DEBIANCVE:CVE-2013-4636