CVE-2009-3930Improper Restriction of Operations within the Bounds of a Memory Buffer in Zoulas File

CWE-1895 documents5 sources
Severity
9.3CRITICALNVD
EPSS
0.9%
top 24.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
File Project FileChristos Zoulas File
Timeline
PublishedNov 10
Latest updateMay 2

Description

Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

Debianfile_project/file< 5.03-1+3

🔴Vulnerability Details

3
GHSA
GHSA-462f-9822-gvw7: Multiple integer overflows in Christos Zoulas file before 52022-05-02
CVEList
CVE-2009-3930: Multiple integer overflows in Christos Zoulas file before 52009-11-10
OSV
CVE-2009-3930: Multiple integer overflows in Christos Zoulas file before 52009-11-10

📋Vendor Advisories

1
Debian
CVE-2009-3930: file - Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assist...2009
CVE-2009-3930 — Christos Zoulas File vulnerability | cvebase