Summary
| Detail | |||
|---|---|---|---|
| Vendor | Christos Zoulas | First view | 2009-05-04 |
| Product | File | Last view | 2014-08-22 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.3 | 2014-08-22 | CVE-2014-3587 | Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. |
| 4.3 | 2014-07-09 | CVE-2014-3487 | The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. |
| 4.3 | 2014-07-09 | CVE-2014-3480 | The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. |
| 4.3 | 2014-07-09 | CVE-2014-3479 | The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file. |
| 5 | 2014-07-09 | CVE-2014-3478 | Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. |
| 4.3 | 2014-07-09 | CVE-2014-0207 | The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file. |
| 5 | 2014-07-03 | CVE-2014-3538 | file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. |
| 5 | 2014-03-24 | CVE-2013-7345 | The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. |
| 4.3 | 2014-03-14 | CVE-2014-2270 | softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. |
| 4.3 | 2012-07-17 | CVE-2012-1571 | file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. |
| 9.3 | 2009-11-10 | CVE-2009-3930 | Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow. |
| 6.8 | 2009-05-04 | CVE-2009-1515 | Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 41% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 25% (3) | CWE-189 | Numeric Errors |
| 16% (2) | CWE-20 | Improper Input Validation |
| 8% (1) | CWE-399 | Resource Management Errors |
| 8% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:15392 | DSA-2422-1 file -- missing bounds checks |
| oval:org.mitre.oval:def:29238 | DSA-2422-2 -- file -- missing bounds checks |
| oval:org.mitre.oval:def:24326 | USN-2162-1 -- file vulnerability |
| oval:org.mitre.oval:def:24248 | USN-2163-1 -- php5 vulnerability |
| oval:org.mitre.oval:def:24786 | DSA-2943-1 php5 - security update |
| oval:org.mitre.oval:def:25162 | SUSE-SU-2014:0670-1 -- Security update for file |
| oval:org.mitre.oval:def:27121 | ELSA-2014-1606 -- file security and bug fix update |
| oval:org.mitre.oval:def:27197 | ELSA-2014-1012 -- php53 and php security update (moderate) |
| oval:org.mitre.oval:def:23708 | DSA-2873-1 file - several |
| oval:org.mitre.oval:def:29235 | DSA-2873-2 -- file -- several vulnerabilities |
| oval:org.mitre.oval:def:25274 | USN-2278-1 -- file vulnerabilities |
| oval:org.mitre.oval:def:27101 | RHSA-2014:1606: file security and bug fix update (Moderate) |
| oval:org.mitre.oval:def:26455 | DSA-3021-1 file - security update |
| oval:org.mitre.oval:def:27096 | USN-2369-1 -- file vulnerability |
| oval:org.mitre.oval:def:27986 | DSA-3021-2 -- file regression update |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 59999 | Christos Zoulas file Malformed Compound Document (CDF) Handling Multiple Unsp... |
| 54100 | Christos Zoulas file src/cdf.c cdf_read_sat() Function Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-14 (file) File : nvt/glsa_201209_14.nasl |
| 2012-08-03 | Name : Mandriva Update for file MDVSA-2012:035 (file) File : nvt/gb_mandriva_MDVSA_2012_035.nasl |
| 2012-05-31 | Name : Debian Security Advisory DSA 2422-2 (file) File : nvt/deb_2422_2.nasl |
| 2012-03-12 | Name : Debian Security Advisory DSA 2422-1 (file) File : nvt/deb_2422_1.nasl |
| 2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:129 (file) File : nvt/mdksa_2009_129.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-B-0086 | Multiple Vulnerabilities in PHP Severity: Category I - VMSKEY: V0052897 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-29 | PHP libmagic PE out of bounds memory access attempt RuleID : 38347 - Type : FILE-EXECUTABLE - Revision : 1 |
| 2016-03-14 | PHP fileinfo cdf_read_property_info denial of service attempt RuleID : 36262 - Type : SERVER-WEBAPP - Revision : 3 |
| 2016-03-14 | PHP fileinfo cdf_read_property_info denial of service attempt RuleID : 36261 - Type : SERVER-WEBAPP - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-10-05 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-1156.nasl - Type: ACT_GATHER_INFO |
| 2016-09-19 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2328-1.nasl - Type: ACT_GATHER_INFO |
| 2016-09-08 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-2210-1.nasl - Type: ACT_GATHER_INFO |
| 2016-08-29 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-1638-1.nasl - Type: ACT_GATHER_INFO |
| 2016-08-12 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_70140f20600711e6a6c314dae9d210b8.nasl - Type: ACT_GATHER_INFO |
| 2016-06-09 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20160510_file_on_SL6_x.nasl - Type: ACT_GATHER_INFO |
| 2016-05-17 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2016-0760.nasl - Type: ACT_GATHER_INFO |
| 2016-05-16 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2016-0760.nasl - Type: ACT_GATHER_INFO |
| 2016-05-16 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2016-0050.nasl - Type: ACT_GATHER_INFO |
| 2016-05-12 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2016-0760.nasl - Type: ACT_GATHER_INFO |
| 2016-01-22 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16875.nasl - Type: ACT_GATHER_INFO |
| 2015-12-22 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20151119_file_on_SL7_x.nasl - Type: ACT_GATHER_INFO |
| 2015-12-02 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2015-2155.nasl - Type: ACT_GATHER_INFO |
| 2015-11-24 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2015-2155.nasl - Type: ACT_GATHER_INFO |
| 2015-11-20 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2155.nasl - Type: ACT_GATHER_INFO |
| 2015-04-10 | Name: The remote host is missing a Mac OS X update that fixes multiple security vul... File: macosx_10_10_3.nasl - Type: ACT_GATHER_INFO |
| 2015-04-10 | Name: The remote host is missing a Mac OS X update that fixes multiple security vul... File: macosx_SecUpd2015-004.nasl - Type: ACT_GATHER_INFO |
| 2015-03-30 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-080.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-145.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-18.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-27.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-50.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-67.nasl - Type: ACT_GATHER_INFO |
| 2015-03-24 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201503-08.nasl - Type: ACT_GATHER_INFO |
| 2015-01-19 | Name: The remote Solaris system is missing a security patch for third-party software. File: solaris11_php_20140522.nasl - Type: ACT_GATHER_INFO |
