CVE-2014-3587
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
Severity Score
6.2
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
Desbordamiento de enteros en la función cdf_read_property_info en cdf.c en ficheros hasta 5.19, utilizado en el componente Fileinfo en PHP anterior a 5.4.32 y 5.5.x anterior a 5.5.16, permite a atacantes remotos causar una denegación de servicios (la caída de la aplicación) a través de un fichero CDF manipulado. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2012-1571.
It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash. Multiple flaws were found in the File Information extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-05-14 CVE Reserved
- 2014-08-21 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-05-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (25)
| URL | Tag | Source |
|---|---|---|
| http://php.net/ChangeLog-5.php | X_refsource_confirm | |
| http://secunia.com/advisories/60609 | Third Party Advisory | |
| http://secunia.com/advisories/60696 | Third Party Advisory | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/69325 | Vdb Entry | |
| https://security-tracker.debian.org/tracker/CVE-2014-3587 | X_refsource_confirm | |
| https://support.apple.com/HT204659 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233 | 2024-08-06 | |
| https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947 | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| https://bugs.php.net/bug.php?id=67716 | 2018-01-05 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2014-1326.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2014-1327.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2014-1765.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2014-1766.html | 2018-01-05 | |
| http://rhn.redhat.com/errata/RHSA-2016-0760.html | 2018-01-05 | |
| http://www.debian.org/security/2014/dsa-3008 | 2018-01-05 | |
| http://www.debian.org/security/2014/dsa-3021 | 2018-01-05 | |
| http://www.ubuntu.com/usn/USN-2344-1 | 2018-01-05 | |
| http://www.ubuntu.com/usn/USN-2369-1 | 2018-01-05 | |
| https://access.redhat.com/security/cve/CVE-2014-3587 | 2016-05-10 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1128587 | 2016-05-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | <= 5.19 Search vendor "Christos Zoulas" for product "File" and version " <= 5.19" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.00 Search vendor "Christos Zoulas" for product "File" and version "5.00" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.01 Search vendor "Christos Zoulas" for product "File" and version "5.01" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.02 Search vendor "Christos Zoulas" for product "File" and version "5.02" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.03 Search vendor "Christos Zoulas" for product "File" and version "5.03" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.04 Search vendor "Christos Zoulas" for product "File" and version "5.04" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.05 Search vendor "Christos Zoulas" for product "File" and version "5.05" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.06 Search vendor "Christos Zoulas" for product "File" and version "5.06" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.07 Search vendor "Christos Zoulas" for product "File" and version "5.07" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.08 Search vendor "Christos Zoulas" for product "File" and version "5.08" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.09 Search vendor "Christos Zoulas" for product "File" and version "5.09" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.10 Search vendor "Christos Zoulas" for product "File" and version "5.10" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.11 Search vendor "Christos Zoulas" for product "File" and version "5.11" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.12 Search vendor "Christos Zoulas" for product "File" and version "5.12" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.13 Search vendor "Christos Zoulas" for product "File" and version "5.13" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.14 Search vendor "Christos Zoulas" for product "File" and version "5.14" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.15 Search vendor "Christos Zoulas" for product "File" and version "5.15" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.16 Search vendor "Christos Zoulas" for product "File" and version "5.16" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.17 Search vendor "Christos Zoulas" for product "File" and version "5.17" | - |
Affected
| ||||||
| Christos Zoulas Search vendor "Christos Zoulas" | File Search vendor "Christos Zoulas" for product "File" | 5.18 Search vendor "Christos Zoulas" for product "File" and version "5.18" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | <= 5.4.31 Search vendor "Php" for product "Php" and version " <= 5.4.31" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | beta2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | beta2, 32-bit |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.0 Search vendor "Php" for product "Php" and version "5.4.0" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.1 Search vendor "Php" for product "Php" and version "5.4.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.2 Search vendor "Php" for product "Php" and version "5.4.2" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.3 Search vendor "Php" for product "Php" and version "5.4.3" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.4 Search vendor "Php" for product "Php" and version "5.4.4" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.5 Search vendor "Php" for product "Php" and version "5.4.5" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.6 Search vendor "Php" for product "Php" and version "5.4.6" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.7 Search vendor "Php" for product "Php" and version "5.4.7" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.8 Search vendor "Php" for product "Php" and version "5.4.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.9 Search vendor "Php" for product "Php" and version "5.4.9" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.10 Search vendor "Php" for product "Php" and version "5.4.10" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.11 Search vendor "Php" for product "Php" and version "5.4.11" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.12 Search vendor "Php" for product "Php" and version "5.4.12" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.13 Search vendor "Php" for product "Php" and version "5.4.13" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.13 Search vendor "Php" for product "Php" and version "5.4.13" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.14 Search vendor "Php" for product "Php" and version "5.4.14" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.14 Search vendor "Php" for product "Php" and version "5.4.14" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.15 Search vendor "Php" for product "Php" and version "5.4.15" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.15 Search vendor "Php" for product "Php" and version "5.4.15" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.16 Search vendor "Php" for product "Php" and version "5.4.16" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.17 Search vendor "Php" for product "Php" and version "5.4.17" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.18 Search vendor "Php" for product "Php" and version "5.4.18" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.19 Search vendor "Php" for product "Php" and version "5.4.19" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.20 Search vendor "Php" for product "Php" and version "5.4.20" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.21 Search vendor "Php" for product "Php" and version "5.4.21" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.22 Search vendor "Php" for product "Php" and version "5.4.22" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.23 Search vendor "Php" for product "Php" and version "5.4.23" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.24 Search vendor "Php" for product "Php" and version "5.4.24" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.25 Search vendor "Php" for product "Php" and version "5.4.25" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.26 Search vendor "Php" for product "Php" and version "5.4.26" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.27 Search vendor "Php" for product "Php" and version "5.4.27" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.28 Search vendor "Php" for product "Php" and version "5.4.28" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.29 Search vendor "Php" for product "Php" and version "5.4.29" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.4.30 Search vendor "Php" for product "Php" and version "5.4.30" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha3 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha4 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha5 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | alpha6 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta3 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | beta4 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | rc1 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.0 Search vendor "Php" for product "Php" and version "5.5.0" | rc2 |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.1 Search vendor "Php" for product "Php" and version "5.5.1" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.2 Search vendor "Php" for product "Php" and version "5.5.2" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.3 Search vendor "Php" for product "Php" and version "5.5.3" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.4 Search vendor "Php" for product "Php" and version "5.5.4" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.5 Search vendor "Php" for product "Php" and version "5.5.5" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.6 Search vendor "Php" for product "Php" and version "5.5.6" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.7 Search vendor "Php" for product "Php" and version "5.5.7" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.8 Search vendor "Php" for product "Php" and version "5.5.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.9 Search vendor "Php" for product "Php" and version "5.5.9" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.10 Search vendor "Php" for product "Php" and version "5.5.10" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.11 Search vendor "Php" for product "Php" and version "5.5.11" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.12 Search vendor "Php" for product "Php" and version "5.5.12" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.13 Search vendor "Php" for product "Php" and version "5.5.13" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.14 Search vendor "Php" for product "Php" and version "5.5.14" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | 5.5.15 Search vendor "Php" for product "Php" and version "5.5.15" | - |
Affected
| ||||||