Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP 输入验证错误漏洞
Vulnerability Description
PHP是一种在服务器端执行的脚本语言。 PHP 5.4.16之前的5.4.x版本中的Fileinfo组件中的libmagic/softmagic.c中的‘mget’函数中存在输入验证错误漏洞。远程攻击者可通过MP3文件在访问finfo对象期间触发不正确的MIME类型检测,利用该漏洞造成拒绝服务(无效指针引用和程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A