CVE-2014-9652

NONE EPSS 91.8%
Published Mar 30, 201511y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 30, 2015 11y ago
Last Modified Jun 17, 2026 2w ago

Description

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

Threat Intelligence

EPSS Exploit Probability
91.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 48

VendorProductVersionRange
phpphp* ≤5.4.36
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.0any
phpphp5.5.1any
phpphp5.5.2any
phpphp5.5.3any
phpphp5.5.4any
phpphp5.5.5any
phpphp5.5.6any
phpphp5.5.7any
phpphp5.5.8any
phpphp5.5.9any
phpphp5.5.10any
phpphp5.5.11any
phpphp5.5.12any
phpphp5.5.13any
phpphp5.5.14any
phpphp5.5.15any
phpphp5.5.16any
phpphp5.5.17any
phpphp5.5.18any
phpphp5.5.19any
phpphp5.5.20any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.0any
phpphp5.6.1any
phpphp5.6.2any
phpphp5.6.3any
phpphp5.6.4any
file_projectfile* ≤5.20

References 21

  • bugs.gw.com http://bugs.gw.com/view.php?id=398
  • lists.apple.com http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html
  • marc.info http://marc.info/?l=bugtraq&m=143748090628601&w=2
  • marc.info http://marc.info/?l=bugtraq&m=144050155601375&w=2
  • openwall.com http://openwall.com/lists/oss-security/2015/02/05/12
  • php.net http://php.net/ChangeLog-5.php
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1053.html
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1066.html
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1135.html
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
  • securityfocus.com http://www.securityfocus.com/bid/72505
  • bugs.php.net https://bugs.php.net/bug.php?id=68735
  • bugs.php.net https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079
  • github.com https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
  • security.gentoo.org https://security.gentoo.org/glsa/201701-42
  • support.apple.com https://support.apple.com/HT205267

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.