VYPR
Medium severity6.5NVD Advisory· Published Jul 9, 2014· Updated Jun 17, 2026

CVE-2014-3478

CVE-2014-3478

Description

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

81
  • File Project/File20 versions
    cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*range: <=5.18
    • cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.07:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.08:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.09:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.13:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.14:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.15:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.16:*:*:*:*:*:*:*
    • cpe:2.3:a:christos_zoulas:file:5.17:*:*:*:*:*:*:*
    • (no CPE)range: <5.19
  • PHP/PHP60 versions
    cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 59 more
    • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.4.29
    • cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.