Lucene search
Gentoo FoundationMGASA-2014-0282HistoryJul 04, 2014 - 10:26 p.m.
Updated file packages fix security vulnerabilities
2014-07-0422:26:27
Gentoo Foundation
advisories.mageia.org
19
0.157 Low
EPSS
Percentile
95.9%
A flaw was found in the way file parsed property information from Composite Document Files (CDF) files, where the mconvert() function did not correctly compute the truncated pascal string size (CVE-2014-3478). Multiple flaws were found in the way file parsed property information from Composite Document Files (CDF) files, due to insufficient boundary checks on buffers (CVE-2014-3479, CVE-2014-3480, CVE-2014-3487). Note: these issues were announced as part of the upstream PHP 5.4.30 release, as PHP bundles file’s libmagic library. Their announcement also references an issue in CDF file parsing, CVE-2014-0207, which was previously fixed in the file package in MGASA-2014-0252, but was not announced at that time.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | file | <Â 5.12-8.5 | file-5.12-8.5.mga3 |
| Mageia | 4 | noarch | file | <Â 5.16-1.4 | file-5.16-1.4.mga4 |
Related
nessus
nessus
Mandriva Linux Security Advisory : file (MDVSA-2014:131)
2014-07-10 00:00:00
openSUSE Security Update : php / php5 / php53 (openSUSE-SU-2014:0925-1)
2014-07-24 00:00:00
Ubuntu 14.04 LTS : file vulnerabilities (USN-2278-1)
2014-07-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0282)
2022-01-28 00:00:00
PHP Multiple Vulnerabilities - 01 (Jul 2014)
2014-07-18 00:00:00
Debian Security Advisory DSA 2974-1 (php5 - security update)
2014-07-08 00:00:00
debian
debian
[DLA 27-1] file security update
2014-07-31 14:49:38
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:35:04
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:34:45
osv
osv
php5 - security update
2014-07-08 00:00:00
file - security update
2014-07-31 00:00:00
file - security update
2014-09-09 00:00:00
ubuntu
ubuntu
file vulnerabilities
2014-07-15 00:00:00
PHP vulnerabilities
2014-07-09 00:00:00
mageia
mageia
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
f5
f5
SOL15498 - Multiple PHP vulnerabilities
2014-08-12 00:00:00
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
amazon
amazon
fedora
fedora
[SECURITY] Fedora 20 Update: php-5.5.14-1.fc20
2014-06-30 10:25:38
[SECURITY] Fedora 20 Update: file-5.19-1.fc20
2014-07-05 14:54:09
[SECURITY] Fedora 19 Update: php-5.5.14-1.fc19
2014-07-08 00:57:33
securityvulns
securityvulns
[USN-2276-1] PHP vulnerabilities
2014-07-14 00:00:00
file / PHP multiple security vulnerabilities
2014-07-14 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
oraclelinux
oraclelinux
php security update
2014-08-06 00:00:00
file security and bug fix update
2015-11-23 00:00:00
file security and bug fix update
2014-10-15 00:00:00
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2015:2155) Moderate: file security and bug fix update
2015-11-19 14:41:30
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
file, python security update
2015-11-30 19:28:42
file, python security update
2014-10-20 18:08:44
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:19
Denial Of Service (DoS)
2019-05-02 05:04:18
Denial Of Service (DoS)
2019-05-02 05:04:19
cve
cve
prion
prion
Buffer overflow
2014-07-09 11:07:00
Design/Logic Flaw
2014-07-09 11:07:00
Command injection
2014-07-09 11:07:00
ubuntucve
ubuntucve
debiancve
debiancve
cvelist
cvelist
freebsd
freebsd
PHP multiple vulnerabilities
2014-08-14 00:00:00
suse
suse
Security update for php53 (important)
2016-06-21 13:08:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45