Wind River Support Network

HomeDefectsLIN6-7676

Fixed

LIN6-7676 : Security Advisory - php - CVE-2014-0238

Created: Jun 15, 2014 Updated: Dec 3, 2018

Resolved Date: Aug 19, 2014

Found In Version: 6.0

Fix Version: 6.0.0.11

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0238

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38