Vulnerability CVE-2014-3478 - CERT Civis.Net

Vulnerability Name:

CVE-2014-3478 (CCN-94323)

Assigned:

2014-06-26

Published:

2014-06-26

Updated:

2016-11-28

Summary:

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2014-3478

Source: APPLE
Type: UNKNOWN
APPLE-SA-2015-04-08-2

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:1236

Source: HP
Type: UNKNOWN
SSRT101681

Source: MLIST
Type: UNKNOWN
[file] 20140612 file-5.19 is now available

Source: CCN
Type: RHSA-2014-1327
Moderate: php security update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1327

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1765

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1766

Source: SECUNIA
Type: UNKNOWN
59794

Source: SECUNIA
Type: UNKNOWN
59831

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT6443

Source: DEBIAN
Type: UNKNOWN
DSA-2974

Source: DEBIAN
Type: UNKNOWN
DSA-3021

Source: CCN
Type: IBM Security Bulletin T1023349 (PowerKVM)
Multiple vulnerabilities in file affect PowerKVM

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Source: CCN
Type: PHP Web site
PHP 5.6.0RC2 is available

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-5.php

Source: BID
Type: UNKNOWN
68239

Source: CCN
Type: BID-68239
PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability

Source: CONFIRM
Type: Patch
https://bugs.php.net/bug.php?id=67410

Source: XF
Type: UNKNOWN
php-cve20143478-dos(94323)

Source: CONFIRM
Type: Exploit, Patch
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/HT204659

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3478

Vulnerable Configuration:

Configuration 1:

cpe:/a:christos_zoulas:file:5.00:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.01:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.02:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.03:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.04:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.05:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.06:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.07:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.08:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.09:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.10:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.11:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.12:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.13:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.14:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.15:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.16:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:5.17:*:*:*:*:*:*:*

OR cpe:/a:christos_zoulas:file:*:*:*:*:*:*:*:* (Version <= 5.18)

OR cpe:/a:php:php:5.4.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.1:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.2:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.3:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.12:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.12:rc2:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.13:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.14:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.15:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.16:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.17:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.18:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.19:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.20:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.21:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.22:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.23:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.24:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.25:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.26:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.27:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.28:-:*:*:*:*:*:*

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.4.29)

OR cpe:/a:php:php:5.5.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha6:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.3:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.13:-:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:5.5.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.4.29:-:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:powerkvm:3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20143478	V	CVE-2014-3478	2022-05-20
oval:org.opensuse.security:def:33758	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:34609	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:33049	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:32218	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26163	P	Security update for bind (Important)	2021-11-11
oval:org.opensuse.security:def:29423	P	Security update for openssl (Low)	2021-09-20
oval:org.opensuse.security:def:33971	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:32162	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:26099	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:26088	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:33927	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:31638	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:36086	P	apache2-mod_php53-5.3.17-0.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36538	P	php53-devel-5.3.17-0.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42493	P	apache2-mod_php53-5.3.17-0.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:33903	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:26212	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:34649	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:29480	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:26087	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:33010	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:26061	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:25977	P	Security update for openssl-1_1 (Important)	2020-12-10
oval:org.opensuse.security:def:32006	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:31553	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30560	P	Security update for OpenSSL	2020-12-01
oval:org.opensuse.security:def:31919	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:26411	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:26372	P	Recommended update for geotiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32306	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:33226	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26766	P	libsamplerate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29137	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27536	P	php53-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25636	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:29565	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:29878	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31770	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:26353	P	Security update for tor (Moderate)	2020-12-01
oval:org.opensuse.security:def:33136	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26664	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:33513	P	Security update for perl-HTML-Parser	2020-12-01
oval:org.opensuse.security:def:26863	P	apache2-mod_jk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:29821	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26265	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:30597	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27049	P	unzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26429	P	Security update for keepalived (Moderate)	2020-12-01
oval:org.opensuse.security:def:32328	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:33361	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26805	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29206	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:33815	P	Security update for glib2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25647	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:29718	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:31552	P	Security update for socat (Moderate)	2020-12-01
oval:org.opensuse.security:def:29922	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:31862	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26367	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26291	P	Security update for python-reportlab (Important)	2020-12-01
oval:org.opensuse.security:def:33147	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26717	P	gzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29126	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:33601	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27501	P	libwmf on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25635	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:25920	P	Security update for gstreamer-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:29860	P	Security update for the Linux Kernel	2020-12-01
oval:org.opensuse.security:def:26314	P	Security update for iperf (Moderate)	2020-12-01
oval:org.opensuse.security:def:27084	P	apache2-mod_php53 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33135	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26513	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:32372	P	Security update for tcpdump (Moderate)	2020-12-01
oval:org.opensuse.security:def:33456	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:26819	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29337	P	Security update for spacewalk	2020-12-01
oval:org.opensuse.security:def:33864	P	Security update for jasper	2020-12-01
oval:org.opensuse.security:def:25711	P	Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate)	2020-12-01
oval:org.opensuse.security:def:29772	P	Security update for glibc (Important)	2020-12-01
oval:com.redhat.rhsa:def:20152155	P	RHSA-2015:2155: file security and bug fix update (Moderate)	2015-11-19
oval:org.mitre.oval:def:27986	P	DSA-3021-2 -- file regression update	2015-01-26
oval:org.mitre.oval:def:27173	P	ELSA-2014-1327 -- php security update (moderate)	2014-12-15
oval:org.mitre.oval:def:27209	P	RHSA-2014:1327: php security update (Moderate)	2014-12-01
oval:org.mitre.oval:def:26455	P	DSA-3021-1 file - security update	2014-11-10
oval:org.mitre.oval:def:24837	P	DSA-2974-1 -- php5 - security update	2014-10-06
oval:com.redhat.rhsa:def:20141327	P	RHSA-2014:1327: php security update (Moderate)	2014-09-30
oval:org.mitre.oval:def:25721	P	SUSE-SU-2014:0938-1 -- Security update for PHP 5.3	2014-09-15
oval:org.mitre.oval:def:25226	P	USN-2276-1 -- php5 vulnerabilities	2014-09-01
oval:org.mitre.oval:def:25274	P	USN-2278-1 -- file vulnerabilities	2014-09-01
oval:com.ubuntu.precise:def:20143478000	V	CVE-2014-3478 on Ubuntu 12.04 LTS (precise) - medium.	2014-07-09
oval:com.ubuntu.trusty:def:20143478000	V	CVE-2014-3478 on Ubuntu 14.04 LTS (trusty) - medium.	2014-07-09