PHP 'cdf _ unpack_summary_info () 'Function DoS Vulnerability

Release date:
Updated on: 2014-06-03

Affected Systems:
PHP 5.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 67759
CVE (CAN) ID: CVE-2014-0237
 
PHP is a widely used scripting language. It is especially suitable for Web development and can be embedded into HTML.
 
In PHP versions earlier than 5.4.29 and 5.5.0-5.5.13 and Fileinfo components, the cdf_unpack_summary_info function in cdf. c has a denial of service vulnerability. Remote attackers can trigger multiple file_printf calls to cause DOS.

LNMP full-featured compilation and installation for CentOS 6.3 notes

Install LNMP in CentOS 6.3 (PHP 5.4, MyySQL5.6)

Nginx startup failure occurs during LNMP deployment.

Ubuntu install Nginx php5-fpm MySQL (LNMP environment setup)

Detailed php hd scanning PDF + CD source code + full set of teaching videos
 
<* Source: Remi Collet
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
PHP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://www.php.net/ChangeLog-5.php
Https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
Https://bugs.php.net/bug.php? Id = 67328

PHP details: click here
PHP: click here

This article permanently updates the link address: