CVE-2014-9652
NONE EPSS 91.8%
Published Mar 30, 201511y ago · Modified Jun 17, 20262w ago
Published Mar 30, 2015 11y ago
Last Modified Jun 17, 2026 2w ago
Description
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.
Threat Intelligence
EPSS Exploit Probability
91.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 48
| Vendor | Product | Version | Range |
|---|---|---|---|
| php | php | * | ≤5.4.36 |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.0 | any |
| php | php | 5.5.1 | any |
| php | php | 5.5.2 | any |
| php | php | 5.5.3 | any |
| php | php | 5.5.4 | any |
| php | php | 5.5.5 | any |
| php | php | 5.5.6 | any |
| php | php | 5.5.7 | any |
| php | php | 5.5.8 | any |
| php | php | 5.5.9 | any |
| php | php | 5.5.10 | any |
| php | php | 5.5.11 | any |
| php | php | 5.5.12 | any |
| php | php | 5.5.13 | any |
| php | php | 5.5.14 | any |
| php | php | 5.5.15 | any |
| php | php | 5.5.16 | any |
| php | php | 5.5.17 | any |
| php | php | 5.5.18 | any |
| php | php | 5.5.19 | any |
| php | php | 5.5.20 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.0 | any |
| php | php | 5.6.1 | any |
| php | php | 5.6.2 | any |
| php | php | 5.6.3 | any |
| php | php | 5.6.4 | any |
| file_project | file | * | ≤5.20 |
References 21
- bugs.gw.com http://bugs.gw.com/view.php?id=398
- lists.apple.com http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html
- marc.info http://marc.info/?l=bugtraq&m=143748090628601&w=2
- marc.info http://marc.info/?l=bugtraq&m=144050155601375&w=2
- openwall.com http://openwall.com/lists/oss-security/2015/02/05/12
- php.net http://php.net/ChangeLog-5.php
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1053.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1066.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1135.html
- oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- securityfocus.com http://www.securityfocus.com/bid/72505
- bugs.php.net https://bugs.php.net/bug.php?id=68735
- bugs.php.net https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079
- github.com https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
- security.gentoo.org https://security.gentoo.org/glsa/201701-42
- support.apple.com https://support.apple.com/HT205267
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.