UbuntuUSN-2123-1file vulnerabilities
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
9.6 High
AI Score
Confidence
High
0.058 Low
EPSS
Percentile
93.4%
Releases
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- file - Tool to determine file types
Details
It was discovered that file incorrectly handled Composite Document files.
An attacker could use this issue to cause file to crash, resulting in a
denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu
12.04 LTS. (CVE-2012-1571)
Bernd Melchers discovered that file incorrectly handled indirect offset
values. An attacker could use this issue to cause file to consume resources
or crash, resulting in a denial of service. (CVE-2014-1943)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | libmagic1 | < 5.11-2ubuntu4.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | file | < 5.11-2ubuntu4.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libmagic-dev | < 5.11-2ubuntu4.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libmagic1 | < 5.11-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | file | < 5.11-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libmagic-dev | < 5.11-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | python-magic | < 5.11-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | python-magic-dbg | < 5.11-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libmagic1 | < 5.09-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 12.04 | noarch | file | < 5.09-2ubuntu0.2 | UNKNOWN |
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
9.6 High
AI Score
Confidence
High
0.058 Low
EPSS
Percentile
93.4%