Denial of Service Vulnerability in Fileinfo Component of PHP
CVE-2014-3487

Currently unrated

Key Information:

Vendor

PHP
Status
PHP
File
Vendor
CVE Published:
9 July 2014

What is CVE-2014-3487?

The cdf_read_property_info function in the Fileinfo component of PHP prior to certain versions lacks proper validation for stream offsets. This oversight can be exploited by remote attackers to craft malicious CDF files, leading to application crashes and service disruptions. Users are urged to update to the latest versions to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://support.apple.com/HT204659
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-1766.html
vendor-advisoryx_refsource_REDHAT
http://www.debian.org/security/2014/dsa-3021
vendor-advisoryx_refsource_DEBIAN

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.