Lucene search

K
mageiaGentoo FoundationMGASA-2014-0439
HistoryOct 31, 2014 - 6:53 p.m.

Updated [package] package fix CVE-2014-3710

2014-10-3118:53:38
Gentoo Foundation
advisories.mageia.org
27

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.063

Percentile

93.6%

Updated file packages fix security vulnerability: An out-of-bounds read flaw was found in file’s donote() function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash (CVE-2014-3710).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchfile< 5.12-8.8file-5.12-8.8.mga3
Mageia4noarchfile< 5.16-1.7file-5.16-1.7.mga4

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.063

Percentile

93.6%