Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-755,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| php | php | * |
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 7.0 |
| fine_free_file_project | fine_free_file | * |
| canonical | ubuntu_linux | 13.10 |