CVE-2015-4604

HIGH

PHP < 5.4.40 - Denial of Service via Fileinfo Component

Title source: llm

Description

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.

References (10)

Core 10

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-1187.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1032709

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-1186.html

Exploit x_refsource_confirm

https://bugs.php.net/bug.php?id=68819

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/75241

Various Sources x_refsource_confirm

http://php.net/ChangeLog-5.php

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2015/06/16/12

Various Sources x_refsource_confirm

http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-1135.html

Scores

CVSS v3 7.5

EPSS 0.0911

EPSS Percentile 92.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-20

Status published

Products (41)

php/php 5.5.0

php/php 5.5.1

php/php 5.5.2

php/php 5.5.3

php/php 5.5.4

php/php 5.5.5

php/php 5.5.6

php/php 5.5.7

php/php 5.5.8

php/php 5.5.9

... and 31 more

Published May 16, 2016

Tracked Since Feb 18, 2026