Bluewind

**Name of the Vulnerable Software and Affected Versions** PHP versions 5.4.x before 5.4.16 **Description** The issue exists due to insufficient input validation in the mget function of the PHP interpreter. This can be exploited by a remote attacker to cause a denial of service, resulting in an application crash. The vulnerability is triggered when an MP3 file causes incorrect MIME type detection during access to an finfo object. **Recommendations** For PHP versions 5.4.x before 5.4.16, update to version 5.4.16 or later to resolve the issue. As a temporary workaround, consider restricting access to MP3 files or disabling the mget function until a patch is available.