This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor File Project First view 2015-01-21
Product File Last view 2019-10-21
Version 5.21 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:file_project:file

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2019-10-21 CVE-2019-18218

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.5 2015-03-30 CVE-2014-9653

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.

5 2015-01-21 CVE-2014-9621

The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.

5 2015-01-21 CVE-2014-9620

The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-399 Resource Management Errors
25% (1) CWE-787 Out-of-bounds Write
25% (1) CWE-20 Improper Input Validation

Nessus® Vulnerability Scanner

id Description
2017-11-27 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-3048-1.nasl - Type: ACT_GATHER_INFO
2017-11-27 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1298.nasl - Type: ACT_GATHER_INFO
2017-01-18 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-42.nasl - Type: ACT_GATHER_INFO
2016-06-09 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20160510_file_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2016-05-17 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2016-0760.nasl - Type: ACT_GATHER_INFO
2016-05-16 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2016-0050.nasl - Type: ACT_GATHER_INFO
2016-05-16 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2016-0760.nasl - Type: ACT_GATHER_INFO
2016-05-12 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2016-0760.nasl - Type: ACT_GATHER_INFO
2015-12-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20151119_file_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2015-12-02 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2015-2155.nasl - Type: ACT_GATHER_INFO
2015-11-24 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2015-2155.nasl - Type: ACT_GATHER_INFO
2015-11-20 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-2155.nasl - Type: ACT_GATHER_INFO
2015-07-22 Name: The remote web server is affected by multiple vulnerabilities.
File: hpsmh_7_5.nasl - Type: ACT_GATHER_INFO
2015-04-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-204.nasl - Type: ACT_GATHER_INFO
2015-03-30 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-080.nasl - Type: ACT_GATHER_INFO
2015-03-25 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2015-497.nasl - Type: ACT_GATHER_INFO
2015-03-24 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201503-08.nasl - Type: ACT_GATHER_INFO
2015-03-19 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3196.nasl - Type: ACT_GATHER_INFO
2015-02-18 Name: The remote Fedora host is missing a security update.
File: fedora_2015-2020.nasl - Type: ACT_GATHER_INFO
2015-01-09 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3121.nasl - Type: ACT_GATHER_INFO
2015-01-09 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-010.nasl - Type: ACT_GATHER_INFO