Vulnerability Details : CVE-2014-3478
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.
Vulnerability category: OverflowDenial of service
Threat overview for CVE-2014-3478
Top countries where our scanners detected CVE-2014-3478
Top open port discovered on systems with this issue
80
IPs affected by CVE-2014-3478 299,108
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-3478!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-3478
Probability of exploitation activity in the next 30 days: 15.66%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-3478
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-3478
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3478
-
http://marc.info/?l=bugtraq&m=141017844705317&w=2
'[security bulletin] HPSBUX03102 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat o' - MARC
-
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
openSUSE-SU-2014:1236-1: moderate: several security fixes for php5
-
http://rhn.redhat.com/errata/RHSA-2014-1327.html
RHSA-2014:1327 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2014-1766.html
RHSA-2014:1766 - Security Advisory - Red Hat Customer Portal
-
http://support.apple.com/kb/HT6443
About the security content of OS X Mavericks v10.9.5 and Security Update 2014-004 - Apple Support
-
http://www.securityfocus.com/bid/68239
PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015
-
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
Oracle Bulletin Board Update - January 2015
-
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RHSA-2014:1765 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2014/dsa-3021
Debian -- Security Information -- DSA-3021-1 file
- http://mx.gw.com/pipermail/file/2014/001553.html
-
https://support.apple.com/HT204659
About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple Support
-
https://bugs.php.net/bug.php?id=67410
PHP :: Sec Bug #67410 :: fileinfo: mconvert incorrect handling of truncated pascal string sizePatch
-
http://www.debian.org/security/2014/dsa-2974
Debian -- Security Information -- DSA-2974-1 php5
-
http://www.php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLog
-
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
Apple - Lists.apple.com
-
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
Correctly compute the truncated pascal string size (Francisco Alonso and · file/file@27a14bc · GitHubExploit;Patch
Products affected by CVE-2014-3478
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*
- cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*