5

CVE-2014-8117

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
File ProjectFile Version <= 5.20
MageiaMageia Version4.0
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version14.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.93% 0.923
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securitytracker.com/id/1031344
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2494-1
Third Party Advisory
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
Vendor Advisory
http://advisories.mageia.org/MGASA-2015-0040.html
Third Party Advisory
http://seclists.org/oss-sec/2014/q4/1056
Third Party Advisory
Mailing List
http://secunia.com/advisories/61944
http://secunia.com/advisories/62081
https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
Patch
Issue Tracking
http://www.securityfocus.com/bid/71692
http://www.ubuntu.com/usn/USN-2535-1
Third Party Advisory
https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
Patch
Issue Tracking