PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability

Bugtraq ID: 66002
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2014-2270
Remote: Yes
Local: No
Published: Mar 06 2014 12:00AM
Updated: Apr 13 2015 09:37PM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 12.10 i386
Ubuntu Ubuntu Linux 12.10 amd64
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server EUS 6.5.z
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux 5 Server
PHP PHP 5.5.5
PHP PHP 5.5.4
PHP PHP 5.5.3
PHP PHP 5.5.1
PHP PHP 5.5
PHP PHP 5.4.25
PHP PHP 5.4.17
PHP PHP 5.4.14
PHP PHP 5.4.8
PHP PHP 5.4.7
PHP PHP 5.4.6
PHP PHP 5.4.4
PHP PHP 5.4.3
PHP PHP 5.4.2
PHP PHP 5.4.1
PHP PHP 5.5.9
PHP PHP 5.5.8
PHP PHP 5.5.2
PHP PHP 5.5.0-DEV
PHP PHP 5.5.0 Rc2
PHP PHP 5.5.0 Rc1
PHP PHP 5.5.0 Beta4
PHP PHP 5.5.0 Beta3
PHP PHP 5.5.0 Beta2
PHP PHP 5.5.0 Beta1
PHP PHP 5.5.0 Alpha6
PHP PHP 5.5.0 Alpha5
PHP PHP 5.5.0 Alpha4
PHP PHP 5.5.0 Alpha3
PHP PHP 5.5.0 Alpha2
PHP PHP 5.5.0 Alpha1
PHP PHP 5.4.9
PHP PHP 5.4.5
PHP PHP 5.4.23
PHP PHP 5.4.22
PHP PHP 5.4.21
PHP PHP 5.4.20
PHP PHP 5.4.1RC1-DEV
PHP PHP 5.4.19
PHP PHP 5.4.18
PHP PHP 5.4.16 Rc1
PHP PHP 5.4.16
PHP PHP 5.4.15 Rc1
PHP PHP 5.4.15
PHP PHP 5.4.14 Rc1
PHP PHP 5.4.13 Rc1
PHP PHP 5.4.13
PHP PHP 5.4.12 Rc2
PHP PHP 5.4.12 Rc1
PHP PHP 5.4.12
PHP PHP 5.4.11
PHP PHP 5.4.10
PHP PHP 5.4.0RC2
PHP PHP 5.4.0beta2
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Gentoo Linux
FreeBSD FreeBSD 6.0 -STABLE
FreeBSD FreeBSD 6.0 -RELEASE
FreeBSD FreeBSD 5.0
FreeBSD FreeBSD 4.0
FreeBSD FreeBSD 3.0
FreeBSD FreeBSD 2.0
FreeBSD FreeBSD 9.0
FreeBSD FreeBSD 8.0
FreeBSD FreeBSD 7.1
FreeBSD FreeBSD 7.0
FreeBSD FreeBSD 6.0
FreeBSD FreeBSD 1.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
Apple Mac OS X 10.9.1
Apple Mac OS X 10.9.4
Apple Mac OS X 10.9.4
Apple Mac OS X 10.9.3
Apple Mac OS X 10.9.2
Apple Mac OS X 10.9
Not Vulnerable: PHP PHP 5.4.28
FreeBSD FreeBSD 9.3-RC2
FreeBSD FreeBSD 9.3-PRERELEASE
FreeBSD FreeBSD 9.2-RELEASE-p9
FreeBSD FreeBSD 9.1-RELEASE-p16
FreeBSD FreeBSD 8.4-STABLE
FreeBSD FreeBSD 8.4-RELEASE-p13
FreeBSD FreeBSD 10.0-STABLE
FreeBSD FreeBSD 10.0-RELEASE-p6
Apple Mac OS X 10.9.5


 

Privacy Statement
Copyright 2010, SecurityFocus