MidnightBSD

Advisories for file

CVE-2003-0102 MEDIUM

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
file file 3.32
file file 3.36
netbsd netbsd 1.5.2
netbsd netbsd 1.5.3
file file 3.35
file file 3.34
file file 3.39
file file 3.28
netbsd netbsd 1.5.1
file file 3.30
file file 3.40
netbsd netbsd 1.5
netbsd netbsd 1.6
file file 3.37
file file 3.33
CVE-2004-1304 HIGH

Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
file file 4.3
file file 4.4
trustix secure_linux 2.1
file file 4.10
file file 4.0
file file 4.7
trustix secure_linux 2.0
file file 4.1
file file 4.2
trustix secure_linux 2.2
file file 4.9
file file 4.5
file file 4.11
file file 4.8
gentoo linux *
file file 4.6