CVE-2014-3478

high-risk

Published 2014-07-09

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

Do I need to act?

25.3% chance of exploitation in next 30 days

EPSS score — higher than 75% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (20)

File

Php

Affected Vendors

Php Christos Zoulas

References (38)

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

http://marc.info/?l=bugtraq&m=141017844705317&w=2

http://mx.gw.com/pipermail/file/2014/001553.html

http://rhn.redhat.com/errata/RHSA-2014-1327.html

http://rhn.redhat.com/errata/RHSA-2014-1765.html

http://rhn.redhat.com/errata/RHSA-2014-1766.html

http://secunia.com/advisories/59794

http://secunia.com/advisories/59831

http://support.apple.com/kb/HT6443

http://www.debian.org/security/2014/dsa-2974

http://www.debian.org/security/2014/dsa-3021

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.h...

http://www.php.net/ChangeLog-5.php

http://www.securityfocus.com/bid/68239

Patch https://bugs.php.net/bug.php?id=67410

Exploit https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08

https://support.apple.com/HT204659

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

and 18 more references

/ 100

high-risk

Severity 24/34 · High

Exploitability 15/34 · Moderate

Exposure 28/34 · Critical