CVE-2009-1515Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoulas File

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-122Heap-based Buffer OverflowCWE-366Race Condition within a Thread12 documents8 sources
Severity
6.8MEDIUMNVD
OSV5.5
EPSS
4.2%
top 11.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
File Project FileLinux KernelChristos Zoulas File
Timeline
PublishedMay 4
Latest updateJan 13

Description

Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

Debianfile_project/file< 5.02-1+3
Linuxlinux/linux_kernel6.2.06.6.120+3

🔴Vulnerability Details

6
OSV
mptcp: fallback earlier on simult connection2026-01-13
GHSA
GHSA-5vxx-g7fm-qfjw: Heap-based buffer overflow in the cdf_read_sat function in src/cdf2022-05-03
GHSA
GHSA-47c7-xq7g-3v46: Multiple buffer overflows in Christos Zoulas file before 52022-05-02
CVEList
CVE-2009-2830: Multiple buffer overflows in Christos Zoulas file before 52009-11-10
CVEList
CVE-2009-1515: Heap-based buffer overflow in the cdf_read_sat function in src/cdf2009-05-04

📋Vendor Advisories

3
Red Hat
kernel: Linux kernel: Denial of Service via MPTCP race condition2026-01-13
Red Hat
file: heap-based buffer overflow in cdf_read_sat()2009-04-27
Debian
CVE-2009-1515: file - Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos...2009

🕵️Threat Intelligence

1
Wiz
CVE-2025-71088 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2009-1515 file: heap-based buffer overflow in cdf_read_sat()2009-04-27
CVE-2009-1515 — Christos Zoulas File vulnerability | cvebase