CLSA-2026-1777683788 file: Fix of CVE-2019-18218

CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...

CLSA-2026-1776693102 file: Fix of CVE-2019-18218

CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...

EUVD-2009-0944

Malware in sbrugna...

Amazon Linux AMI : php72 (ALAS-2024-1921)

The version of php72 installed on the remote host is prior to 7.2.26-1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1921 advisory. 2024-02-28: CVE-2019-11045 was added to this advisory. 2024-02-28: CVE-2019-11049 was added to this advisory. 2024-02-28:...

Amazon Linux AMI : php73 (ALAS-2024-1918)

The version of php73 installed on the remote host is prior to 7.3.13-1.22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1918 advisory. 2024-02-14: CVE-2019-11045 was added to this advisory. 2024-02-14: CVE-2019-11049 was added to this advisory. 2024-02-14:...

SUSE CVE-2014-0238

The cdfreadpropertyinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service infinite loop or out-of-bounds memory access via a vector that 1 has zero length or 2 is too long...

file: heap-based buffer overflow in cdf_read_property_info in cdf.c

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

The vulnerability of the `cdf_read_property_info` and `cdf_read_sat` functions in the utility for determining the type of specified files related to integer overflow allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the cdfreadpropertyinfo and cdfreadsat functions, which are used to determine the type of the specified files, is related to integer overflow. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause servic...

OSV-2021-1238 UNKNOWN READ in cdf_read_property_info

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38393 Crash type: UNKNOWN READ Crash state: cdfreadpropertyinfo cdfunpacksummaryinfo cdfchecksummaryinfo...

SUSE SLED12 / SLES12 Security Update : file (SUSE-SU-2021:2930-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2930-1 advisory. - cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based...

SUSE-SU-2021:2930-1 Security update for file

This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdfreadpropertyinfo in cdf.c bsc1154661...

CVE-2009-0947

Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...

Integer overflow

Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...

CVE-2009-0947

Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...

CVE-2009-0947

Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...

OSV-2020-1280 Heap-buffer-overflow in cdf_read_property_info

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780 Crash type: Heap-buffer-overflow WRITE 4 Crash state: cdfreadpropertyinfo cdfunpacksummaryinfo cdffilesummaryinfo...

OSV-2020-1193 Heap-buffer-overflow in cdf_read_property_info

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16634 Crash type: Heap-buffer-overflow WRITE 4 Crash state: cdfreadpropertyinfo cdfunpacksummaryinfo cdffilesummaryinfo...

EulerOS 2.0 SP3 : file (EulerOS-SA-2020-1381)

According to the version of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byt...

EulerOS Virtualization for ARM 64 3.0.2.0 : file (EulerOS-SA-2020-1201)

According to the version of the file packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a...

Amazon Linux 2 : file (ALAS-2019-1370)

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write.CVE-2019-18218 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...