Debian File vulnerabilities

CVE-2022-48554 [MEDIUM] CVE-2022-48554: file - File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c.... File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. Scope: local bookworm: resolved (fixed in 1:5.44-1) bullseye: resolved (fixed in 1:5.39-3+deb11u1) forky: resolved (fixed in 1:5.44-1) sid: resolved (fixed in 1:5.44-1) trixie: resolved (fixed in 1:5.44-1)

CVE-2019-8907 [HIGH] CVE-2019-8907: file - do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to ... do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. Scope: local bookworm: resolved (fixed in 1:5.35-3) bullseye: resolved (fixed in 1:5.35-3) forky: resolved (fixed in 1:5.35-3) sid: resolved (fixed in 1:5.35-3) trixie: resolved (fixe

CVE-2019-8904 [HIGH] CVE-2019-8904: file - do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer ove... do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. Scope: local bookworm: resolved (fixed in 1:5.35-3) bullseye: resolved (fixed in 1:5.35-3) forky: resolved (fixed in 1:5.35-3) sid: resolved (fixed in 1:5.35-3) trixie: resolved (fixed in 1:5.35-3)

CVE-2019-18218 [HIGH] CVE-2019-18218: file - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the numbe... cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). Scope: local bookworm: resolved (fixed in 1:5.37-6) bullseye: resolved (fixed in 1:5.37-6) forky: resolved (fixed in 1:5.37-6) sid: resolved (fixed in 1:5.37-6) trixie: resolved (fixed in 1:5.3

CVE-2019-8906 [MEDIUM] CVE-2019-8906: file - do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read b... do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. Scope: local bookworm: resolved (fixed in 1:5.35-3) bullseye: resolved (fixed in 1:5.35-3) forky: resolved (fixed in 1:5.35-3) sid: resolved (fixed in 1:5.35-3) trixie: resolved (fixed in 1:5.35-3)

CVE-2019-8905 [MEDIUM] CVE-2019-8905: file - do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer ov... do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. Scope: local bookworm: resolved (fixed in 1:5.35-3) bullseye: resolved (fixed in 1:5.35-3) forky: resolved (fixed in 1:5.35-3) sid: resolved (fixed in 1:5.35-3) trixie: resolved (fixed in 1:5.35-3)

CVE-2018-10360 [MEDIUM] CVE-2018-10360: file - The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote ... The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 1:5.33-3) bullseye: resolved (fixed in 1:5.33-3) forky: resolved (fixed in 1:5.33-3) sid: resolved (fixed in 1:5.33-3) trixie: resolved (fixe

CVE-2017-1000249 [MEDIUM] CVE-2017-1000249: file - An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510... An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017). Scope: local bookworm: resolved (fixed in 1:5.32-1) bullseye: resolved (fixe

CVE-2015-8865 [HIGH] CVE-2015-8865: file - The file_check_mem function in funcs.c in file before 5.23, as used in the Filei... The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. Scope:

CVE-2015-4605 [HIGH] CVE-2015-4605: file - The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component... The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script

CVE-2015-4604 [HIGH] CVE-2015-4604: file - The mget function in softmagic.c in file 5.x, as used in the Fileinfo component ... The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python

CVE-2014-0236 [HIGH] CVE-2014-0236: file - file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows ... file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c. Scope: local bookworm: resolved (fixed in 1:5.19-1) bullseye: resolved (fixed in 1:5.19-1) forky: resolved (fixed in 1:5.

CVE-2014-9653 [HIGH] CVE-2014-9653: file - readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5... readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.

CVE-2014-3487 [MEDIUM] CVE-2014-3487: file - The cdf_read_property_info function in file before 5.19, as used in the Fileinfo... The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. Scope: local bookworm: resolved (fixed in 1:5.19-1) bullseye: resolved (fixed in 1:5.19

CVE-2014-9652 [MEDIUM] CVE-2014-9652: file - The mconvert function in softmagic.c in file before 5.21, as used in the Fileinf... The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and app

CVE-2014-1943 [MEDIUM] CVE-2014-1943: file - Fine Free file before 5.17 allows context-dependent attackers to cause a denial ... Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. Scope: local bookworm: resolved (fixed in 1:5.17-0.1) bullseye: resolved (fixed in 1:5.17-0.1) forky: resolved (fixed in 1:5.17-0.1) sid: resolved (fixed in 1:5.17-0.1) tr

CVE-2014-3710 [MEDIUM] CVE-2014-3710: file - The donote function in readelf.c in file through 5.20, as used in the Fileinfo c... The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 1:5.20-2) bullseye: resolved (fixed in 1:

CVE-2014-3479 [MEDIUM] CVE-2014-3479: file - The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in th... The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file. Scope: local bookworm: resolved (fixed in 1:5.19-1) bullseye: re

CVE-2014-9620 [MEDIUM] CVE-2014-9620: file - The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a deni... The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. Scope: local bookworm: resolved (fixed in 1:5.21+15-1) bullseye: resolved (fixed in 1:5.21+15-1) forky: resolved (fixed in 1:5.21+15-1) sid: resolved (fixed in 1:5.21+15-1) trixie: resolved (fixed in 1:5.21+15-1)

CVE-2014-0207 [MEDIUM] CVE-2014-0207: file - The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the ... The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file. Scope: local bookworm: resolved (fixed in 1:5.19-1) bullseye: resolved (fixed in 1:5.19-1) forky: resolved (