Debian DLA-131-1 : file security update

Multiple security issues have been found in file, a tool/library to determine a file type. Processing a malformed file could result in denial of service. Most of the changes are related to parsing ELF files. As part of the fixes, several limits on aspects of the detection were added or tightened,...

USN-2494-1 file vulnerabilities

Francisco Alonso discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to crash, resulting in a denial of service. CVE-2014-3710 Thomas Jarosch discovered that file incorrectly handled certain ELF files. An attacker could use this issue to caus...

CVE-2014-8117

CVE-2014-8117 affects the file utility; the softmagic.c code path in file before 5.21 does not properly limit recursion, enabling a remote attacker to trigger a denial of service (CPU consumption or crash) via unspecified vectors. Connected advisories confirm this issue alongside CVE-2014-8116 an...

Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)

Multiple Vendors libc/fnmatch3 DoS incl apache poc Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 29.01.2011 - Pub.: 13.05.2011 CVE: CVE-2011-0419 CWE: CWE-399 Affected Software verified: - Apache 2.2.17 - NetBSD 5.1 - OpenBS...