Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3487HistoryJul 09, 2014 - 11:07 a.m.
CVE-2014-3487
2014-07-0911:07:01
Debian Security Bug Tracker
security-tracker.debian.org
9
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.016 Low
EPSS
Percentile
87.3%
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | file | < 1:5.19-1 | file_1:5.19-1_all.deb |
| Debian | 11 | all | file | < 1:5.19-1 | file_1:5.19-1_all.deb |
| Debian | 999 | all | file | < 1:5.19-1 | file_1:5.19-1_all.deb |
| Debian | 13 | all | file | < 1:5.19-1 | file_1:5.19-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2014-3487
2014-07-09 00:00:00
cvelist
cvelist
CVE-2014-3487
2014-07-09 10:00:00
nvd
nvd
CVE-2014-3487
2014-07-09 11:07:01
cve
cve
CVE-2014-3487
2014-07-09 11:07:01
prion
prion
Design/Logic Flaw
2014-07-09 11:07:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:19
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0282)
2022-01-28 00:00:00
PHP Multiple Vulnerabilities - 01 (Jul 2014)
2014-07-18 00:00:00
Debian: Security Advisory (DSA-2974-1)
2014-07-07 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : file (MDVSA-2014:131)
2014-07-10 00:00:00
openSUSE Security Update : php / php5 / php53 (openSUSE-SU-2014:0925-1)
2014-07-24 00:00:00
Debian DLA-27-1 : file security update
2015-03-26 00:00:00
mageia
mageia
Updated file packages fix security vulnerabilities
2014-07-04 22:26:27
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
debian
debian
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:34:45
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:34:45
[DLA 27-1] file security update
2014-07-31 14:47:17
osv
osv
php5 - security update
2014-07-08 00:00:00
file - security update
2014-07-31 00:00:00
file - security update
2014-09-09 00:00:00
ubuntu
ubuntu
file vulnerabilities
2014-07-15 00:00:00
PHP vulnerabilities
2014-07-09 00:00:00
f5
f5
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
SOL15498 - Multiple PHP vulnerabilities
2014-08-12 00:00:00
amazon
amazon
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
fedora
fedora
[SECURITY] Fedora 20 Update: php-5.5.14-1.fc20
2014-06-30 10:25:38
[SECURITY] Fedora 20 Update: file-5.19-1.fc20
2014-07-05 14:54:09
[SECURITY] Fedora 19 Update: php-5.5.14-1.fc19
2014-07-08 00:57:33
securityvulns
securityvulns
[USN-2276-1] PHP vulnerabilities
2014-07-14 00:00:00
file / PHP multiple security vulnerabilities
2014-07-14 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
file, python security update
2015-11-30 19:28:42
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2015:2155) Moderate: file security and bug fix update
2015-11-19 14:41:30
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
oraclelinux
oraclelinux
php security update
2014-08-06 00:00:00
file security and bug fix update
2015-11-23 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
suse
suse
Security update for php53 (important)
2016-06-21 13:08:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.016 Low
EPSS
Percentile
87.3%
Related for DEBIANCVE:CVE-2014-3487