4 matches found
UBUNTU-CVE-2024-42415
An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...
file: CDF property info parsing nelements infinite loop
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_read_short_sector insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
USN-2369-1 file vulnerability
It was discovered that file incorrectly handled certain CDF documents. A attacker could use this issue to cause file to hang or crash, resulting in a denial of service...