Vigil@nce - PHP: multiple vulnerabilities
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of PHP.
Impacted products: Debian, Fedora, MBS, PHP, Ubuntu
Severity: 2/4
Creation date: 27/06/2014
Revision date: 04/07/2014
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in PHP.
An attacker can generate a buffer overflow in Fileinfo
cdf_read_short_sector, in order to trigger a denial of service,
and possibly to execute code. [severity:2/4; CVE-2014-0207]
An attacker can generate a buffer overflow in Fileinfo mconvert,
in order to trigger a denial of service, and possibly to execute
code. [severity:2/4; CVE-2014-3478]
An attacker can generate a buffer overflow in Fileinfo
cdf_check_stream_offset, in order to trigger a denial of service,
and possibly to execute code. [severity:2/4; CVE-2014-3479]
An attacker can generate a buffer overflow in Fileinfo
cdf_count_chain, in order to trigger a denial of service, and
possibly to execute code. [severity:2/4; CVE-2014-3480]
An attacker can generate a buffer overflow in Fileinfo
cdf_read_property_info, in order to trigger a denial of service,
and possibly to execute code. [severity:2/4; CVE-2014-3487]
An attacker can use SPL unserialize(), in order to execute code.
[severity:2/4; CVE-2014-3515]
An attacker can change the type of variables, to read a memory
fragment of PHP, in order to obtain sensitive information.
[severity:1/4; 67498, CVE-2014-4721]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/PHP-multiple-vulnerabilities-14948