Unrated severityNVD Advisory· Published Jun 1, 2014· Updated Jun 17, 2026
CVE-2014-0237
CVE-2014-0237
Description
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords2 versionspkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweed
< 5.6.28-1.1+ 1 more
- (no CPE)range: < 5.6.28-1.1
- (no CPE)range: < 7.0.14-1.4
Patches
Vulnerability mechanics
References
18- bugs.php.net/bug.phpnvdPatchVendor Advisory
- github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280dnvdPatchThird Party Advisory
- lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1765.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-1766.htmlnvdThird Party Advisory
- secunia.com/advisories/59061nvdThird Party Advisory
- secunia.com/advisories/59329nvdThird Party Advisory
- secunia.com/advisories/59418nvdThird Party Advisory
- secunia.com/advisories/60998nvdThird Party Advisory
- support.apple.com/kb/HT6443nvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www.debian.org/security/2014/dsa-3021nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvdThird Party Advisory
- www.php.net/ChangeLog-5.phpnvdVendor Advisory
- www.securityfocus.com/bid/67759nvdThird Party AdvisoryVDB Entry
- support.apple.com/HT204659nvdThird Party Advisory
News mentions
0No linked articles in our index yet.