Bugzilla – Bug 976994
VUL-0: CVE-2015-8865: php5,php53: PHP Fileinfo component incorrectly handles certain magic files
Last modified: 2016-08-09 18:23:13 UTC
http://www.ubuntu.com/usn/usn-2952-1/ - - Buffer over-write in finfo_open with malformed magic file https://bugs.php.net/bug.php?id=71527 http://bugs.gw.com/view.php?id=522 https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36 http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Use CVE-2015-8865 for this issue affecting file before 5.23 (see the http://bugs.gw.com/view.php?id=522#c1237 comment). The security relevance depends, in part, on "If a compiled magic file is found alongside a file or directory, it will be used instead" in the https://github.com/file/file/blob/master/doc/file.man man page. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8865 http://seclists.org/oss-sec/2016/q2/138 http://bugs.gw.com/view.php?id=522#c1237
bugbot adjusting priority
. *** This bug has been marked as a duplicate of bug 974305 ***