Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-4636

Опубликовано: 21 июн. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3

Описание

The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.

РелизСтатусПримечание
devel

released

5.4.15-1ubuntu3
lucid

not-affected

5.3.2-1ubuntu4.19
precise

not-affected

5.3.10-1ubuntu3.6
quantal

not-affected

5.4.6-1ubuntu1.2
raring

not-affected

5.4.9-4ubuntu2.1
upstream

released

5.5.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.00326
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-4636

redhat
больше 12 лет назад

The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.

nvd логотип

CVE-2013-4636

nvd
около 12 лет назад

The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.

debian логотип

CVE-2013-4636

debian
около 12 лет назад

The mget function in libmagic/softmagic.c in the Fileinfo component in ...

github логотип

GHSA-m6h3-3xr9-pp23

github
около 3 лет назад

The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.

fstec логотип

BDU:2022-02637

CVSS3: 3.7
fstec
около 12 лет назад

Уязвимость функции mget интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 55%
0.00326
Низкий

4.3 Medium

CVSS2