High severity7.5NVD Advisory· Published May 16, 2016· Updated Jun 17, 2026
CVE-2014-0236
CVE-2014-0236
Description
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <5.18
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.