Wind River Support Network


LIN5-18925 : Security Advisory - php - CVE-2014-0238

Created: Jun 15, 2014    Updated: Dec 19, 2017
Resolved Date: Aug 19, 2014
Found In Version: 5.0
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

Other Downloads

Live chat