php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Sec Bug #66820 out-of-bounds memory access in fileinfo
Submitted: 2014-03-04 13:11 UTC Modified: 2014-03-06 13:11 UTC
From: remi@php.net Assigned: remi
Status: Closed Package: Filesystem function related
PHP Version: 5.4.25 OS: irrevelant
Private report: No CVE-ID: 2014-2270
 [2014-03-04 13:11 UTC] remi@php.net
Description:
------------
A flaw was found in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code.

Upstream report: http://bugs.gw.com/view.php?id=313

Upstream fix: https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-03-04 19:40 UTC] remi@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: remi
 [2014-03-05 06:13 UTC] remi@php.net
Additional upstream fix (already applied)
https://github.com/glensc/file/commit/70c65d2e1841491f59168db1f905e8b14083fb1c
 [2014-03-05 17:19 UTC] remi@php.net
-CVE-ID: +CVE-ID: 2014-2270
 [2014-03-10 11:04 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-03-10 11:29 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-04-10 04:47 UTC] tyrael@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-10-07 23:15 UTC] stas@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-10-07 23:27 UTC] stas@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Mon Aug 31 10:01:28 2015 UTC