CVE-2014-9652

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

References

http://bugs.gw.com/view.php?id=398

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html

http://marc.info/?l=bugtraq&m=143748090628601&w=2

http://marc.info/?l=bugtraq&m=144050155601375&w=2

http://openwall.com/lists/oss-security/2015/02/05/12

http://php.net/ChangeLog-5.php

http://rhn.redhat.com/errata/RHSA-2015-1053.html

http://rhn.redhat.com/errata/RHSA-2015-1066.html

http://rhn.redhat.com/errata/RHSA-2015-1135.html

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/72505

https://bugs.php.net/bug.php?id=68735

https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079

https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158

https://security.gentoo.org/glsa/201701-42

https://support.apple.com/HT205267

Details

Source: MITRE

Published: 2015-03-30

Updated: 2017-07-01

Type: CWE-119

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.4.36 (inclusive)

cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:* versions up to 5.20 (inclusive)

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
124927EulerOS Virtualization 3.0.1.0 : file (EulerOS-SA-2019-1424)NessusHuawei Local Security Checks
high
98828PHP 5.6.x < 5.6.5 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
119962SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0424-1)NessusSuSE Local Security Checks
high
96576GLSA-201701-42 : file: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
93161SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)NessusSuSE Local Security Checks
critical
87555Scientific Linux Security Update : file on SL7.x x86_64 (20151119)NessusScientific Linux Local Security Checks
high
87137CentOS 7 : file (CESA-2015:2155)NessusCentOS Local Security Checks
high
87027Oracle Linux 7 : file (ELSA-2015-2155)NessusOracle Linux Local Security Checks
high
86973RHEL 7 : file (RHSA-2015:2155)NessusRed Hat Local Security Checks
high
8982Mac OS X < 10.11 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
86270Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)NessusMacOS X Local Security Checks
critical
84923HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
84394Scientific Linux Security Update : php on SL7.x x86_64 (20150623)NessusScientific Linux Local Security Checks
critical
84355RHEL 7 : php (RHSA-2015:1135)NessusRed Hat Local Security Checks
critical
84351Oracle Linux 7 : php (ELSA-2015-1135)NessusOracle Linux Local Security Checks
critical
84345CentOS 7 : php (CESA-2015:1135)NessusCentOS Local Security Checks
critical
81691openSUSE Security Update : php5 (openSUSE-2015-203)NessusSuSE Local Security Checks
high
81665SuSE 11.3 Security Update : PHP 5.3 (SAT Patch Number 10370)NessusSuSE Local Security Checks
high
8615PHP 5.4.x < 5.4.37 / 5.5.x < 5.5.21 / 5.6.x < 5.6.5 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
81399Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2501-1)NessusUbuntu Local Security Checks
high
81082PHP 5.6.x < 5.6.5 Multiple VulnerabilitiesNessusCGI abuses
critical
81081PHP 5.5.x < 5.5.21 Multiple VulnerabilitiesNessusCGI abuses
critical
81080PHP 5.4.x < 5.4.37 Multiple VulnerabilitiesNessusCGI abuses
high