File Security Vulnerabilities and Issues — File CVE List

Lucene search

File ProjectFile

6 matches found

CVE•added 2014/07/09 11:7 a.m.•255 views

CVE-2014-3479

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CD...

4.3CVSS8.9AI score0.14559EPSS

CVE•added 2014/07/09 11:7 a.m.•240 views

CVE-2014-3480

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.9AI score0.14559EPSS

CVE•added 2014/07/09 11:7 a.m.•230 views

CVE-2014-3487

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

4.3CVSS8.8AI score0.18223EPSS

CVE•added 2019/02/18 5:29 p.m.•206 views

CVE-2019-8905

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

4.4CVSS5.9AI score0.0069EPSS

CVE•added 2019/02/18 5:29 p.m.•190 views

CVE-2019-8906

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

4.4CVSS4.8AI score0.0009EPSS

CVE•added 2014/03/14 3:55 p.m.•163 views

CVE-2014-2270

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

4.3CVSS5.6AI score0.3696EPSS