File@* Security Vulnerabilities and Issues — File@* CVE List

Lucene search

File ProjectFile*

5 matches found

CVE•added 2014/07/09 11:7 a.m.•255 views

CVE-2014-3479

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CD...

4.3CVSS8.9AI score0.14559EPSS

CVE•added 2014/07/09 11:7 a.m.•240 views

CVE-2014-3480

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.9AI score0.14559EPSS

CVE•added 2014/07/09 11:7 a.m.•230 views

CVE-2014-3487

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.8AI score0.18223EPSS

CVE•added 2014/03/14 3:55 p.m.•163 views

CVE-2014-2270

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

4.3CVSS5.6AI score0.3696EPSS

CVE•added 2014/12/17 7:59 p.m.•94 views

CVE-2014-8117

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

5CVSS7.1AI score0.08841EPSS