CVE-2003-0102

🗓️ 01 Sep 2004 04:00:00Reported by mitreType

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). NV

Reporter	Title	Published	Views	Family All 17
Cvelist	CVE-2003-0102	1 Sep 200404:00	–	cvelist
Debian	[SECURITY] [DSA-260-1] New file package fixes buffer overflow	13 Mar 200312:58	–	debian
Debian CVE	CVE-2003-0102	1 Sep 200404:00	–	debiancve
Tenable Nessus	Debian DSA-260-1 : file - buffer overflow	29 Sep 200400:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : file (MDKSA-2003:030-1)	31 Jul 200400:00	–	nessus
Tenable Nessus	RHEL 2.1 : file (RHSA-2003:087)	6 Jul 200400:00	–	nessus
Tenable Nessus	SUSE-SA:2003:017: file	25 Jul 200400:00	–	nessus
EUVD	EUVD-2003-0098	7 Oct 202500:30	–	euvd
NVD	CVE-2003-0102	18 Mar 200305:00	–	nvd
OpenVAS	Debian: Security Advisory (DSA-260)	17 Jan 200800:00	–	openvas

NVD

Node

file fileMatch3.28

file fileMatch3.30

file fileMatch3.32

file fileMatch3.33

file fileMatch3.34

file fileMatch3.35

file fileMatch3.36

file fileMatch3.37

file fileMatch3.39

file fileMatch3.40

Node

netbsd netbsdMatch1.5

netbsd netbsdMatch1.5.1

netbsd netbsdMatch1.5.2

netbsd netbsdMatch1.5.3

netbsd netbsdMatch1.6

Source	Link
debian	www.debian.org/security/2003/dsa-260
mandrakesoft	www.mandrakesoft.com/security/advisories
kb	www.kb.cert.org/vuls/id/611865
idefense	www.idefense.com/advisory/03.04.03.txt
securityfocus	www.securityfocus.com/bid/7008
ftp	www.ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc
marc	www.marc.info/
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/11469
lwn	www.lwn.net/Alerts/34908/
redhat	www.redhat.com/support/errata/RHSA-2003-087.html

16 Apr 2026 00:27Current

7.5High risk

Vulners AI Score7.5

CVSS 24.6

EPSS0.05745