CVE-2014-9620

2015-01-2118:59:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-9620

nvd

elf parser

file 5.08

file 5.21

remote attackers

denial of service

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.061 Low

EPSS

Percentile

93.4%

JSON

The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.

CPENameOperatorVersion
file_project:filefile project fileeq5.21
file_project:filefile project fileeq5.15
file_project:filefile project fileeq5.19
file_project:filefile project fileeq5.08
file_project:filefile project fileeq5.17
file_project:filefile project fileeq5.13
file_project:filefile project fileeq5.12
file_project:filefile project fileeq5.18
file_project:filefile project fileeq5.10
file_project:filefile project fileeq5.16

CPE	Name	Operator	Version
file_project:file	file project file	eq	5.21
file_project:file	file project file	eq	5.15
file_project:file	file project file	eq	5.19
file_project:file	file project file	eq	5.08
file_project:file	file project file	eq	5.17
file_project:file	file project file	eq	5.13
file_project:file	file project file	eq	5.12
file_project:file	file project file	eq	5.18
file_project:file	file project file	eq	5.10
file_project:file	file project file	eq	5.16