Think you have a false positive on this rule?

Sid 1-36262

Message

SERVER-WEBAPP PHP fileinfo cdfreadproperty_info denial of service attempt

Summary

Integer overflow in the cdfreadproperty_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.

Impact

CVSS base score 4.3 CVSS impact score 2.9 CVSS exploitability score 8.6 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE

CVE-2014-3587:

CVSS base score 4.3

CVSS impact score 2.9

CVSS exploitability score 8.6

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Detailed information

CVE-2014-3587: Integer overflow in the cdfreadproperty_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.

Affected systems

  • christos_zoulas file 5.00
  • christos_zoulas file 5.01
  • christos_zoulas file 5.02
  • christos_zoulas file 5.03
  • christos_zoulas file 5.04
  • christos_zoulas file 5.05
  • christos_zoulas file 5.06
  • christos_zoulas file 5.07
  • christos_zoulas file 5.08
  • christos_zoulas file 5.09
  • christos_zoulas file 5.10
  • christos_zoulas file 5.11
  • christos_zoulas file 5.12
  • christos_zoulas file 5.13
  • christos_zoulas file 5.14
  • christos_zoulas file 5.15
  • christos_zoulas file 5.16
  • christos_zoulas file 5.17
  • christos_zoulas file 5.18
  • christos_zoulas file 5.19
  • php php 5.4.0
  • php php 5.4.1
  • php php 5.4.2
  • php php 5.4.3
  • php php 5.4.4
  • php php 5.4.5
  • php php 5.4.6
  • php php 5.4.7
  • php php 5.4.8
  • php php 5.4.9
  • php php 5.4.10
  • php php 5.4.11
  • php php 5.4.12
  • php php 5.4.13
  • php php 5.4.14
  • php php 5.4.15
  • php php 5.4.16
  • php php 5.4.17
  • php php 5.4.18
  • php php 5.4.19
  • php php 5.4.20
  • php php 5.4.21
  • php php 5.4.22
  • php php 5.4.23
  • php php 5.4.24
  • php php 5.4.25
  • php php 5.4.26
  • php php 5.4.27
  • php php 5.4.28
  • php php 5.4.29
  • php php 5.4.30
  • php php 5.4.31
  • php php 5.5.0
  • php php 5.5.1
  • php php 5.5.2
  • php php 5.5.3
  • php php 5.5.4
  • php php 5.5.5
  • php php 5.5.6
  • php php 5.5.7
  • php php 5.5.8
  • php php 5.5.9
  • php php 5.5.10
  • php php 5.5.11
  • php php 5.5.12
  • php php 5.5.13
  • php php 5.5.14
  • php php 5.5.15

Ease of attack

CVE-2014-3587:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • php.net/ChangeLog-5.php|23|5.6.0