php
Page content
- Author: kikadf
- Vulnerable: 5.3.26-2arcturus4
- Unaffected: 5.3.26-2arcturus5
It was discovered that the CDF parser of the fileinfo module does not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. It was discovered that PHP incorrectly handled certain SPL Iterators. A local attacker could use this flaw to cause PHP to crash, resulting in a denial of service.