Description
It was found that the fix for CVE-2012-1571 was incomplete; the File
Information (fileinfo) extension did not correctly parse certain Composite
Document Format (CDF) files. A remote attacker could use this flaw to crash
a PHP application using fileinfo via a specially crafted CDF file.
(CVE-2014-3587)
A NULL pointer dereference flaw was found in the gdImageCreateFromXpm()
function of PHP's gd extension. A remote attacker could use this flaw to
crash a PHP application using gd via a specially crafted X PixMap (XPM)
file. (CVE-2014-2497)
Multiple buffer over-read flaws were found in the php_parserr() function of
PHP. A malicious DNS server or a man-in-the-middle attacker could possibly
use this flaw to execute arbitrary code as the PHP interpreter if a PHP
application used the dns_get_record() function to perform a DNS query.
(CVE-2014-3597)
Two use-after-free flaws were found in the way PHP handled certain Standard
PHP Library (SPL) Iterators and ArrayIterators. A malicious script author
could possibly use either of these flaws to disclose certain portions of
server memory. (CVE-2014-4670, CVE-2014-4698)