CVSS: 5.0EPSS: 15%CPEs: 79EXPL: 1CVE-2014-3478 – file: mconvert incorrect handling of truncated pascal string size
https://notcve.org/view.php?id=CVE-2014-3478
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. Desbordamiento de buffer en la función mconvert en softmagic.c en file anterior a 5.19, utilizado en el componente Fileinfo en PHP anterior a 5.4.30 y 5.5.x anterior a 5.5.14, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de una cadena Pascal manipulada en una conversión FILE_PSTRING. A buffer overflow flaw was found in the way the File Information (fileinfo) extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html http://marc.info/?l=bugtraq&m=141017844705317&w=2 http://mx.gw.com/pipermail/file/2014/001553.html http://rhn.redhat.com/errata/RHSA-2014-1327.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/59794 http://secunia.com/advisories/59831 http://su • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 23EXPL: 4CVE-2014-3538 – file: unrestricted regular expression matching
https://notcve.org/view.php?id=CVE-2014-3538
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. file anterior a 5.19 no restringe debidamente la cantidad de datos leídos durante una búsqueda regex, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un fichero manipulado que provoca un retroceso durante el procesamiento de una norma awk. NOTA: esta vulnerabilidad existe debido a una soluciona incompleta para CVE-2013-7345. Multiple flaws were found in the File Information (fileinfo) extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://mx.gw.com/pipermail/file/2014/001553.html http://openwall.com/lists/oss-security/2014/06/30/7 http://rhn.redhat.com/errata/RHSA-2014-1327.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://rhn.redhat.com/errata/RHSA-2014-1766.html http://rhn.redhat.com/errata/RHSA-2016-0760.html http://secunia.com/advisories/60696 http://www.debian.org/security/2014/dsa-3008 http:/ • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 2CVE-2013-7345 – file: extensive backtracking in awk rule regular expression
https://notcve.org/view.php?id=CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. La expresión regular BEGIN en el detector de script de awk en el archivo magic/Magdir/commands anterior a 5.15 utiliza múltiples comodines con repeticiones ilimitadas, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (consumo de CPU) a través de un archivo ASCII manipulado que provoca una gran cantidad de retroceso, como se demostró a través de un archivo con muchos caracteres de nueva línea. A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU. • http://bugs.gw.com/view.php?id=164 http://rhn.redhat.com/errata/RHSA-2014-1765.html http://support.apple.com/kb/HT6443 http://www.debian.org/security/2014/dsa-2873 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993 https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c https://access.redhat.com/security/cve/CVE-2013-7345 https://bugzilla.redhat.com/show_bug.cgi?id=1079846 • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.3EPSS: 95%CPEs: 13EXPL: 0CVE-2014-2270 – file: out-of-bounds access in search rules with offsets from input file
https://notcve.org/view.php?id=CVE-2014-2270
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. softmagic.c en archivo anterior a 5.17 y libmagic permite a atacantes dependientes de contexto causar una denegación de servicio (acceso a memoria fuera de rango y caída) a través de desplazamientos (“offsets”) manipulados en el softmagic de un ejecutable PE. A denial of service flaw was found in the way the File Information (fileinfo) extension handled search rules. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU. • http://bugs.gw.com/view.php?id=313 http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00037.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00084.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://seclists.org/oss-sec/2014/q1/473 http://seclists.org/oss-sec/2014/q1/504 http://seclists.org/oss-sec/2014/q1/505 http://support.apple.com/kb/HT6443 http://www.debian.or • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 2CVE-2012-1571 – file: out of bounds read in CDF parser
https://notcve.org/view.php?id=CVE-2012-1571
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. archivo antes de v5.11 y libmagic permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo de documento elaborado compuesto (CDF) que activa (1) una lectura fuera de límites o (2) una desreferencia de puntero no válido. A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. • http://mx.gw.com/pipermail/file/2012/000914.html http://www.debian.org/security/2012/dsa-2422 http://www.mandriva.com/security/advisories?name=MDVSA-2012:035 http://www.ubuntu.com/usn/USN-2123-1 https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295 https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b https://access.redhat.com/security/cve/CVE-2012-1571 https://bugzilla.redhat.com/show_bug.cgi?id=805197 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •