Lucene search
DebianDEBIAN:DLA-86-1:30DC8HistoryNov 12, 2014 - 4:17 p.m.
[SECURITY] [DLA 86-1] file security update
2014-11-1216:17:29
lists.debian.org
14
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.042 Low
EPSS
Percentile
92.2%
Package : file
Version : 5.04-5+squeeze8
CVE ID : CVE-2014-3710
Debian Bug : 768806
Francisco Alonso of Red Hat Product Security found an issue in the file
utility: when checking ELF files, note headers are incorrectly checked,
thus potentially allowing attackers to cause a denial of service
(out-of-bounds read and application crash) by supplying a specially
crafted ELF file.
For the long-term stable distribution (squeeze-lts), this problem has been
fixed in version 5.04-5+squeeze8.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | kfreebsd-amd64 | php5-sqlite | < 5.4.35-0+deb7u1 | php5-sqlite_5.4.35-0+deb7u1_kfreebsd-amd64.deb |
| Debian | 6 | i386 | php5-common | < 5.3.3-7+squeeze23 | php5-common_5.3.3-7+squeeze23_i386.deb |
| Debian | 7 | armel | php5-pgsql | < 5.4.35-0+deb7u1 | php5-pgsql_5.4.35-0+deb7u1_armel.deb |
| Debian | 7 | i386 | php5-pspell | < 5.4.35-0+deb7u1 | php5-pspell_5.4.35-0+deb7u1_i386.deb |
| Debian | 7 | powerpc | php5-xsl | < 5.4.35-0+deb7u1 | php5-xsl_5.4.35-0+deb7u1_powerpc.deb |
| Debian | 7 | ia64 | libmagic1 | < 5.11-2+deb7u6 | libmagic1_5.11-2+deb7u6_ia64.deb |
| Debian | 7 | kfreebsd-amd64 | php5-snmp | < 5.4.35-0+deb7u1 | php5-snmp_5.4.35-0+deb7u1_kfreebsd-amd64.deb |
| Debian | 7 | mips | php5-enchant | < 5.4.35-0+deb7u1 | php5-enchant_5.4.35-0+deb7u1_mips.deb |
| Debian | 7 | mips | libphp5-embed | < 5.4.35-0+deb7u1 | libphp5-embed_5.4.35-0+deb7u1_mips.deb |
| Debian | 7 | armel | libapache2-mod-php5filter | < 5.4.35-0+deb7u1 | libapache2-mod-php5filter_5.4.35-0+deb7u1_armel.deb |
Related
openvas
openvas
Debian Security Advisory DSA 3072-1 (file - security update)
2014-11-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1555-1)
2021-04-19 00:00:00
Debian: Security Advisory (DSA-3072-1)
2014-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: file-5.19-7.fc21
2014-11-10 06:44:48
[SECURITY] Fedora 20 Update: file-5.19-7.fc20
2014-10-29 11:03:54
nessus
nessus
openSUSE Security Update : file (openSUSE-SU-2014:1516-1)
2014-11-28 00:00:00
Mandriva Linux Security Advisory : file (MDVSA-2014:236)
2014-11-30 00:00:00
Debian DLA-86-1 : file security update
2015-03-26 00:00:00
f5
f5
K15898 : PHP vulnerability CVE-2014-3710
2014-12-08 00:00:00
SOL15898 - PHP vulnerability CVE-2014-3710
2014-12-08 00:00:00
amazon
amazon
debiancve
debiancve
CVE-2014-3710
2014-11-05 11:55:00
mageia
mageia
Updated php packages fix security vulnerability
2014-11-12 12:56:47
Updated [package] package fix CVE-2014-3710
2014-10-31 18:53:38
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
debian
debian
[SECURITY] [DSA 3074-1] php5 security update
2014-11-18 21:10:45
[SECURITY] [DSA 3072-1] file security update
2014-11-12 09:19:45
[SECURITY] [DLA 94-1] php5 security update
2014-11-25 21:53:34
prion
prion
Out-of-bounds
2014-11-05 11:55:00
ubuntucve
ubuntucve
CVE-2014-3710
2014-10-24 00:00:00
archlinux
archlinux
file: denial of service through out-of-bounds read
2014-11-12 00:00:00
php: denial of service
2014-11-13 00:00:00
osv
osv
php5 - security update
2014-11-18 00:00:00
file - security update
2014-11-11 00:00:00
php5 - security update
2014-11-25 00:00:00
cve
cve
CVE-2014-3710
2014-11-05 11:55:00
securityvulns
securityvulns
[slackware-security] php (SSA:2014-356-02)
2014-12-23 00:00:00
FreeBSD Security Advisory FreeBSD-SA-14:28.file
2014-12-10 00:00:00
PHP/fileinfo/file DoS
2014-06-14 00:00:00
slackware
slackware
[slackware-security] php
2014-12-23 05:38:55
ubuntu
ubuntu
file vulnerabilities
2015-02-04 00:00:00
php5 vulnerabilities
2014-10-30 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:28.file
2014-12-10 00:00:00
freebsd
freebsd
file -- multiple vulnerabilities
2014-12-16 00:00:00
oraclelinux
oraclelinux
php security update
2014-10-30 00:00:00
php53 security update
2014-10-30 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
centos
centos
php53 security update
2014-10-31 14:37:09
php security update
2014-10-31 13:14:51
file, python security update
2016-05-16 10:13:44
redhat
redhat
(RHSA-2014:1767) Important: php security update
2014-10-30 00:00:00
(RHSA-2014:1768) Important: php53 security update
2014-10-30 00:00:00
(RHSA-2016:0760) Moderate: file security, bug fix, and enhancement update
2016-05-10 06:42:18
gentoo
gentoo
file: Multiple vulnerabilities
2017-01-17 00:00:00
PHP: Multiple vulnerabilities
2015-03-08 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection
2018-06-16 21:43:49
Security Bulletin: File vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.042 Low
EPSS
Percentile
92.2%
Related for DEBIAN:DLA-86-1:30DC8