Lucene search
DebianDEBIAN:DLA-204-1:A06D6HistoryApr 19, 2015 - 1:06 p.m.
[SECURITY] [DLA 204-1] file security update
2015-04-1913:06:12
lists.debian.org
14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.06 Low
EPSS
Percentile
93.4%
Package : file
Version : 5.04-5+squeeze10
CVE ID : CVE-2014-9653
Debian Bug : 777585
This update fixes the following issue in the file package:
CVE-2014-9653
readelf.c does not consider that pread calls sometimes read only
a subset of the available data, which allows remote attackers to
cause a denial of service (uninitialized memory access) or
possibly have unspecified other impact via a crafted ELF file.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | armel | libmagic-dev | < 5.11-2+deb7u8 | libmagic-dev_5.11-2+deb7u8_armel.deb |
| Debian | 7 | mipsel | file | < 5.11-2+deb7u8 | file_5.11-2+deb7u8_mipsel.deb |
| Debian | 7 | ia64 | file | < 5.11-2+deb7u8 | file_5.11-2+deb7u8_ia64.deb |
| Debian | 7 | powerpc | python-magic-dbg | < 5.11-2+deb7u8 | python-magic-dbg_5.11-2+deb7u8_powerpc.deb |
| Debian | 7 | armel | python-magic-dbg | < 5.11-2+deb7u8 | python-magic-dbg_5.11-2+deb7u8_armel.deb |
| Debian | 7 | armel | python-magic | < 5.11-2+deb7u8 | python-magic_5.11-2+deb7u8_armel.deb |
| Debian | 7 | kfreebsd-amd64 | python-magic | < 5.11-2+deb7u8 | python-magic_5.11-2+deb7u8_kfreebsd-amd64.deb |
| Debian | 7 | ia64 | python-magic-dbg | < 5.11-2+deb7u8 | python-magic-dbg_5.11-2+deb7u8_ia64.deb |
| Debian | 7 | s390 | python-magic-dbg | < 5.11-2+deb7u8 | python-magic-dbg_5.11-2+deb7u8_s390.deb |
| Debian | 7 | mipsel | python-magic | < 5.11-2+deb7u8 | python-magic_5.11-2+deb7u8_mipsel.deb |
Related
openvas
openvas
Debian Security Advisory DSA 3196-1 (file - security update)
2015-03-18 00:00:00
Debian: Security Advisory (DLA-204-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3196-1)
2015-03-17 00:00:00
cve
cve
CVE-2014-9653
2015-03-30 10:59:00
prion
prion
Design/Logic Flaw
2015-03-30 10:59:00
nessus
nessus
Debian DSA-3196-1 : file - security update
2015-03-19 00:00:00
Debian DLA-204-1 : file security update
2015-04-20 00:00:00
GLSA-201701-42 : file: Multiple vulnerabilities
2017-01-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package file version 4.26-alt13
2017-03-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3196-1] file security update
2015-03-18 00:00:00
libmagic / file / fileinfo / PHP security vulnerabilities
2015-03-18 00:00:00
ubuntucve
ubuntucve
CVE-2014-9653
2015-03-30 00:00:00
debiancve
debiancve
CVE-2014-9653
2015-03-30 10:59:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:29:34
osv
osv
file - security update
2015-04-19 00:00:00
debian
debian
[SECURITY] [DSA 3196-1] file security update
2015-03-18 17:58:15
gentoo
gentoo
file: Multiple vulnerabilities
2017-01-17 00:00:00
cloudfoundry
cloudfoundry
USN-3686-1: file vulnerabilities | Cloud Foundry
2018-06-20 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: file-5.22-2.fc21
2015-02-18 05:55:37
ubuntu
ubuntu
file vulnerabilities
2018-06-14 00:00:00
amazon
amazon
Medium: file
2015-03-23 08:32:00
redhat
redhat
(RHSA-2016:0760) Moderate: file security, bug fix, and enhancement update
2016-05-10 06:42:18
(RHSA-2015:2155) Moderate: file security and bug fix update
2015-11-19 14:41:30
centos
centos
file, python security update
2016-05-16 10:13:44
file, python security update
2015-11-30 19:28:42
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection
2018-06-16 21:43:49
Security Bulletin: File vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
oraclelinux
oraclelinux
file security, bug fix, and enhancement update
2016-05-12 00:00:00
file security and bug fix update
2015-11-23 00:00:00
kaspersky
kaspersky
KLA10514 Multiple vulnerabilities in PHP and plugins
2015-03-30 00:00:00
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.06 Low
EPSS
Percentile
93.4%
Related for DEBIAN:DLA-204-1:A06D6