CVE-2014-9652

Summary

CVE	CVE-2014-9652
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2015-03-30 10:59:01 UTC
Updated	2026-05-06 22:30:45 UTC
Description	The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

Risk And Classification

Primary CVSS: v2.0 5 from [email protected]

AV:N/AC:L/Au:N/C:N/I:N/A:P

Problem Types: CWE-119 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	File Project	File	All	All	All	All
Application	Php	Php	5.5.0	All	All	All
Application	Php	Php	5.5.0	alpha1	All	All
Application	Php	Php	5.5.0	alpha2	All	All
Application	Php	Php	5.5.0	alpha3	All	All
Application	Php	Php	5.5.0	alpha4	All	All
Application	Php	Php	5.5.0	alpha5	All	All
Application	Php	Php	5.5.0	alpha6	All	All
Application	Php	Php	5.5.0	beta1	All	All
Application	Php	Php	5.5.0	beta2	All	All
Application	Php	Php	5.5.0	beta3	All	All
Application	Php	Php	5.5.0	beta4	All	All
Application	Php	Php	5.5.0	rc1	All	All
Application	Php	Php	5.5.0	rc2	All	All
Application	Php	Php	5.5.1	All	All	All
Application	Php	Php	5.5.10	All	All	All
Application	Php	Php	5.5.11	All	All	All
Application	Php	Php	5.5.12	All	All	All
Application	Php	Php	5.5.13	All	All	All
Application	Php	Php	5.5.14	All	All	All
Application	Php	Php	5.5.15	All	All	All
Application	Php	Php	5.5.16	All	All	All
Application	Php	Php	5.5.17	All	All	All
Application	Php	Php	5.5.18	All	All	All
Application	Php	Php	5.5.19	All	All	All
Application	Php	Php	5.5.2	All	All	All
Application	Php	Php	5.5.20	All	All	All
Application	Php	Php	5.5.3	All	All	All
Application	Php	Php	5.5.4	All	All	All
Application	Php	Php	5.5.5	All	All	All
Application	Php	Php	5.5.6	All	All	All
Application	Php	Php	5.5.7	All	All	All
Application	Php	Php	5.5.8	All	All	All
Application	Php	Php	5.5.9	All	All	All
Application	Php	Php	5.6.0	alpha1	All	All
Application	Php	Php	5.6.0	alpha2	All	All
Application	Php	Php	5.6.0	alpha3	All	All
Application	Php	Php	5.6.0	alpha4	All	All
Application	Php	Php	5.6.0	alpha5	All	All
Application	Php	Php	5.6.0	beta1	All	All
Application	Php	Php	5.6.0	beta2	All	All
Application	Php	Php	5.6.0	beta3	All	All
Application	Php	Php	5.6.0	beta4	All	All
Application	Php	Php	5.6.1	All	All	All
Application	Php	Php	5.6.2	All	All	All
Application	Php	Php	5.6.3	All	All	All
Application	Php	Php	5.6.4	All	All	All
Application	Php	Php	All	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
PR/398: Correctly truncate pascal strings (fixes out of bounds read o… · file/file@59e6383 · GitHub	af854a3a-2127-422b-91ae-364da2661108	github.com
[security-announce] openSUSE-SU-2015:0440-1: important: Security update	af854a3a-2127-422b-91ae-364da2661108	lists.opensuse.org
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	rhn.redhat.com
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11	af854a3a-2127-422b-91ae-364da2661108	lists.apple.com
PHP :: Sec Bug #68735 :: fileinfo out-of-bounds memory access	af854a3a-2127-422b-91ae-364da2661108	bugs.php.net
oss-security - Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic	af854a3a-2127-422b-91ae-364da2661108	openwall.com
PHP libmagick 'src/softmagic.c' Out-of-Bounds Read Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
[security-announce] SUSE-SU-2015:0424-1: important: Security update for	af854a3a-2127-422b-91ae-364da2661108	lists.opensuse.org
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	rhn.redhat.com
file: Multiple vulnerabilities (GLSA 201701-42) — Gentoo security	af854a3a-2127-422b-91ae-364da2661108	security.gentoo.org
'[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Mu' - MARC	af854a3a-2127-422b-91ae-364da2661108	marc.info
[security-announce] SUSE-SU-2015:0436-1: important: Security update for	af854a3a-2127-422b-91ae-364da2661108	lists.opensuse.org
Oracle Solaris Third Party Bulletin - July 2015	af854a3a-2127-422b-91ae-364da2661108	www.oracle.com
Oracle Linux Bulletin - January 2016	af854a3a-2127-422b-91ae-364da2661108	www.oracle.com
'[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities' - MARC	af854a3a-2127-422b-91ae-364da2661108	marc.info
0000398: file out-of-bounds memory access - bugs.gw.com	af854a3a-2127-422b-91ae-364da2661108	bugs.gw.com
Oracle Linux Bulletin - October 2015	af854a3a-2127-422b-91ae-364da2661108	www.oracle.com
PHP :: Bug #68735 :: Patches	af854a3a-2127-422b-91ae-364da2661108	bugs.php.net
About the security content of OS X El Capitan v10.11 - Apple Support	af854a3a-2127-422b-91ae-364da2661108	support.apple.com
PHP: PHP 5 ChangeLog	af854a3a-2127-422b-91ae-364da2661108	php.net
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	rhn.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

710357 Gentoo Linux file Multiple Vulnerabilities (GLSA 201701-42)