OSV-2020-190 Use-of-uninitialized-value in file_vprintf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20729 Crash type: Use-of-uninitialized-value Crash state: filevprintf fileprintf filebuffer...

OSV-2020-97 Use-of-uninitialized-value in file_vprintf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20702 Crash type: Use-of-uninitialized-value Crash state: filevprintf fileprintf mget...

CVE-2019-8904

dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...

CVE-2019-8904

dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...

CVE-2019-8904

dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...

CVE-2019-8904

dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...

CVE-2019-8904

dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...

CVE-2014-0237

The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls...

CVE-2014-0237

The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls...

UBUNTU-CVE-2014-0237

The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls...

SuSE9 Security Update : file (YOU Patch Number 11530)

This update fixes an integer overflow in function fileprintf of file. This bug can be used to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

openSUSE 10 Security Update : file (file-3449)

This update fixes an integer overflow in function fileprintf of file. This bug can be used to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update file-3449. The text...

FreeBSD : FreeBSD -- heap overflow in file(1) (8e01ab5b-0949-11dc-8163-000e0c2e438a)

When writing data into a buffer in the fileprintf function, the length of the unused portion of the buffer is not correctly tracked, resulting in a buffer overflow when processing certain files. Impact : An attacker who can cause file1 to be run on a maliciously constructed input can cause file1 ...

FreeBSD -- heap overflow in file(1)

Problem Description: When writing data into a buffer in the fileprintf function, the length of the unused portion of the buffer is not correctly tracked, resulting in a buffer overflow when processing certain files. Impact: An attacker who can cause file1 to be run on a maliciously constructed...

file 4.20 fixes a heap overflow in that can result in arbitrary code execution

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

DEBIAN-CVE-2007-1536

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

Design/Logic Flaw

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...