CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3710

The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.7%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-3710

Php » Php » Version: 5.4.0

cpe:2.3:a:php:php:5.4.0
Php » Php » Version: 5.4.1

cpe:2.3:a:php:php:5.4.1
Php » Php » Version: 5.4.10

cpe:2.3:a:php:php:5.4.10
Php » Php » Version: 5.4.11

cpe:2.3:a:php:php:5.4.11
Php » Php » Version: 5.4.12

cpe:2.3:a:php:php:5.4.12
Php » Php » Version: 5.4.13

cpe:2.3:a:php:php:5.4.13
Php » Php » Version: 5.4.14

cpe:2.3:a:php:php:5.4.14
Php » Php » Version: 5.4.15

cpe:2.3:a:php:php:5.4.15
Php » Php » Version: 5.4.16

cpe:2.3:a:php:php:5.4.16
Php » Php » Version: 5.4.17

cpe:2.3:a:php:php:5.4.17
Php » Php » Version: 5.4.18

cpe:2.3:a:php:php:5.4.18
Php » Php » Version: 5.4.19

cpe:2.3:a:php:php:5.4.19
Php » Php » Version: 5.4.2

cpe:2.3:a:php:php:5.4.2
Php » Php » Version: 5.4.20

cpe:2.3:a:php:php:5.4.20
Php » Php » Version: 5.4.21

cpe:2.3:a:php:php:5.4.21
Php » Php » Version: 5.4.22

cpe:2.3:a:php:php:5.4.22
Php » Php » Version: 5.4.23

cpe:2.3:a:php:php:5.4.23
Php » Php » Version: 5.4.24

cpe:2.3:a:php:php:5.4.24
Php » Php » Version: 5.4.25

cpe:2.3:a:php:php:5.4.25
Php » Php » Version: 5.4.26

cpe:2.3:a:php:php:5.4.26
Php » Php » Version: 5.4.27

cpe:2.3:a:php:php:5.4.27
Php » Php » Version: 5.4.28

cpe:2.3:a:php:php:5.4.28
Php » Php » Version: 5.4.29

cpe:2.3:a:php:php:5.4.29
Php » Php » Version: 5.4.3

cpe:2.3:a:php:php:5.4.3
Php » Php » Version: 5.4.30

cpe:2.3:a:php:php:5.4.30
Php » Php » Version: 5.4.31

cpe:2.3:a:php:php:5.4.31
Php » Php » Version: 5.4.32

cpe:2.3:a:php:php:5.4.32
Php » Php » Version: 5.4.33

cpe:2.3:a:php:php:5.4.33
Php » Php » Version: 5.4.34

cpe:2.3:a:php:php:5.4.34
Php » Php » Version: 5.4.4

cpe:2.3:a:php:php:5.4.4
Php » Php » Version: 5.4.5

cpe:2.3:a:php:php:5.4.5
Php » Php » Version: 5.4.6

cpe:2.3:a:php:php:5.4.6
Php » Php » Version: 5.4.7

cpe:2.3:a:php:php:5.4.7
Php » Php » Version: 5.4.8

cpe:2.3:a:php:php:5.4.8
Php » Php » Version: 5.4.9

cpe:2.3:a:php:php:5.4.9
Php » Php » Version: 5.5.0

cpe:2.3:a:php:php:5.5.0
Php » Php » Version: 5.5.1

cpe:2.3:a:php:php:5.5.1
Php » Php » Version: 5.5.10

cpe:2.3:a:php:php:5.5.10
Php » Php » Version: 5.5.11

cpe:2.3:a:php:php:5.5.11
Php » Php » Version: 5.5.12

cpe:2.3:a:php:php:5.5.12
Php » Php » Version: 5.5.13

cpe:2.3:a:php:php:5.5.13
Php » Php » Version: 5.5.14

cpe:2.3:a:php:php:5.5.14
Php » Php » Version: 5.5.15

cpe:2.3:a:php:php:5.5.15
Php » Php » Version: 5.5.16

cpe:2.3:a:php:php:5.5.16
Php » Php » Version: 5.5.17

cpe:2.3:a:php:php:5.5.17
Php » Php » Version: 5.5.18

cpe:2.3:a:php:php:5.5.18
Php » Php » Version: 5.5.2

cpe:2.3:a:php:php:5.5.2
Php » Php » Version: 5.5.3

cpe:2.3:a:php:php:5.5.3
Php » Php » Version: 5.5.4

cpe:2.3:a:php:php:5.5.4
Php » Php » Version: 5.5.5

cpe:2.3:a:php:php:5.5.5
Php » Php » Version: 5.5.6

cpe:2.3:a:php:php:5.5.6
Php » Php » Version: 5.5.7

cpe:2.3:a:php:php:5.5.7
Php » Php » Version: 5.5.8

cpe:2.3:a:php:php:5.5.8
Php » Php » Version: 5.5.9

cpe:2.3:a:php:php:5.5.9
Php » Php » Version: 5.6.0

cpe:2.3:a:php:php:5.6.0
Php » Php » Version: 5.6.1

cpe:2.3:a:php:php:5.6.1
Php » Php » Version: 5.6.2

cpe:2.3:a:php:php:5.6.2
Canonical » Ubuntu Linux » Version: 10.04

cpe:2.3:o:canonical:ubuntu_linux:10.04
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 14.10

cpe:2.3:o:canonical:ubuntu_linux:14.10
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3710

Products

Pricing

Contact Us