CVE-2014-0237

EPSS 26.1%

php5 - security update

Published: 6/1/2014Modified: 4/28/2026

Description

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

Affected packages (2)

Debian/filefrom 0, < 1:5.19-1
Debian/php5from 0, < 5.3.3-7+squeeze24

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0237