
CVSS: 9.3 | EPSS: 4% | CPEs: 1 | EXPL: 1

Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
• https://www.exploit-db.com/exploits/29753
• ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
• http://docs.info.apple.com/article.html?artnum=305530
• http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
• http://mx.gw.com/pipermail/file/2007/000161.html
• http://openbsd.org/errata40.html#015_file
• http://secunia.com/advisories/24548
• http://secunia.com/advisories/24592
• http://secunia.com/advisories/24604
• http://secunia.com/advisories
• CWE-189: Numeric Errors

CVSS: 10.0 | EPSS: 0% | CPEs: 16 | EXPL: 1

Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
• https://www.exploit-db.com/exploits/24784
• http://securitytracker.com/id?1012433
• http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml
• http://www.securityfocus.com/bid/11771
• http://www.trustix.net/errata/2004/0063
• https://exchange.xforce.ibmcloud.com/vulnerabilities/18368