Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2278-1
HistoryJul 15, 2014 - 12:00 a.m.

file vulnerabilities

2014-07-1500:00:00
ubuntu.com
56

9.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.157 Low

EPSS

Percentile

95.9%

JSON

Releases

  • Ubuntu 14.04 ESM
  • Ubuntu 13.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • file - Tool to determine file types

Details

Mike Frysinger discovered that the file awk script detector used multiple
wildcard with unlimited repetitions. An attacker could use this issue to
cause file to consume resources, resulting in a denial of service.
(CVE-2013-7345)

Francisco Alonso discovered that file incorrectly handled certain CDF
documents. A attacker could use this issue to cause file to hang or crash,
resulting in a denial of service. (CVE-2014-0207, CVE-2014-3478,
CVE-2014-3479, CVE-2014-3480, CVE-2014-3487)

Jan KaluΕΎa discovered that file did not properly restrict the amount of
data read during regex searches. An attacker could use this issue to
cause file to consume resources, resulting in a denial of service.
(CVE-2014-3538)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.04noarchfile<Β 1:5.14-2ubuntu3.1UNKNOWN
Ubuntu14.04noarchfile-dbg<Β 1:5.14-2ubuntu3.1UNKNOWN
Ubuntu14.04noarchlibmagic-dev<Β 1:5.14-2ubuntu3.1UNKNOWN
Ubuntu14.04noarchlibmagic1<Β 1:5.14-2ubuntu3.1UNKNOWN
Ubuntu13.10noarchfile<Β 5.11-2ubuntu4.3UNKNOWN
Ubuntu13.10noarchlibmagic-dev<Β 5.11-2ubuntu4.3UNKNOWN
Ubuntu13.10noarchlibmagic1<Β 5.11-2ubuntu4.3UNKNOWN
Ubuntu12.04noarchfile<Β 5.09-2ubuntu0.4UNKNOWN
Ubuntu12.04noarchlibmagic-dev<Β 5.09-2ubuntu0.4UNKNOWN
Ubuntu12.04noarchlibmagic1<Β 5.09-2ubuntu0.4UNKNOWN
Rows per page:
1-10 of 171

Related

openvas 49
nessus 52
mageia 7
amazon 8
osv 7
fedora 4
debian 12
securityvulns 3
f5 4
slackware 2
ubuntu 1
prion 7
debiancve 7
ubuntucve 7
veracode 9
cve 7
oraclelinux 4
redhat 5
centos 2
ibm 1
gentoo 1
openvas
openvas
Ubuntu: Security Advisory (USN-2278-1)
2014-07-21 00:00:00
Mageia: Security Advisory (MGASA-2014-0282)
2022-01-28 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-382)
2015-09-08 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : file vulnerabilities (USN-2278-1)
2014-07-16 00:00:00
Mandriva Linux Security Advisory : file (MDVSA-2014:131)
2014-07-10 00:00:00
Amazon Linux AMI : file (ALAS-2014-382)
2014-10-12 00:00:00
mageia
mageia
Updated file packages fix security vulnerabilities
2014-07-04 22:26:27
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
amazon
amazon
Medium: file
2014-07-23 13:57:00
Medium: php54
2014-07-09 16:24:00
Medium: php55
2014-07-09 16:42:00
osv
osv
file - security update
2014-09-09 00:00:00
php5 - security update
2014-07-08 00:00:00
file - security update
2014-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: file-5.19-1.fc20
2014-07-05 14:54:09
[SECURITY] Fedora 20 Update: php-5.5.14-1.fc20
2014-06-30 10:25:38
[SECURITY] Fedora 19 Update: php-5.5.14-1.fc19
2014-07-08 00:57:33
debian
debian
[DLA 27-1] file security update
2014-07-31 14:49:38
[SECURITY] [DSA 3021-1] file security update
2014-09-09 13:18:31
[SECURITY] [DSA 2974-1] php5 security update
2014-07-08 21:35:04
securityvulns
securityvulns
file / PHP multiple security vulnerabilities
2014-07-14 00:00:00
[USN-2276-1] PHP vulnerabilities
2014-07-14 00:00:00
[slackware-security] php &#40;SSA:2014-111-02&#41;
2014-05-04 00:00:00
f5
f5
SOL15498 - Multiple PHP vulnerabilities
2014-08-12 00:00:00
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
K15303 : PHP vulnerability CVE-2013-7345
2014-06-05 00:00:00
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
[slackware-security] php
2014-04-21 21:13:00
ubuntu
ubuntu
PHP vulnerabilities
2014-07-09 00:00:00
prion
prion
Design/Logic Flaw
2014-07-03 14:55:00
Design/Logic Flaw
2014-03-24 16:31:00
Design/Logic Flaw
2014-07-09 11:07:00
debiancve
debiancve
CVE-2014-3538
2014-07-03 14:55:00
CVE-2013-7345
2014-03-24 16:31:00
CVE-2014-3487
2014-07-09 11:07:00
ubuntucve
ubuntucve
CVE-2013-7345
2014-03-24 00:00:00
CVE-2014-3538
2014-07-03 00:00:00
CVE-2014-3479
2014-07-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:11:28
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
cve
cve
CVE-2014-3538
2014-07-03 14:55:00
CVE-2013-7345
2014-03-24 16:31:00
CVE-2014-3487
2014-07-09 11:07:00
oraclelinux
oraclelinux
php security update
2014-08-06 00:00:00
file security and bug fix update
2015-11-23 00:00:00
php security update
2014-09-30 00:00:00
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2015:2155) Moderate: file security and bug fix update
2015-11-19 14:41:30
(RHSA-2014:1765) Important: php54-php security update
2014-10-30 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
file, python security update
2015-11-30 19:28:42
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
gentoo
gentoo
file: Denial of service
2014-08-26 00:00:00

9.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.157 Low

EPSS

Percentile

95.9%

JSON
Related for USN-2278-1
openvas49nessus52mageia7amazon8osv7fedora4debian12securityvulns3f54slackware2ubuntu1prion7debiancve7ubuntucve7veracode9cve7oraclelinux4redhat5centos2ibm1gentoo1