FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

file -- denial of service

Affected packages
file < 5.17

Details

VuXML ID 815dbcf9-a2d6-11e3-8088-002590860428
Discovery 2014-02-16
Entry 2014-03-03

The Fine Free file project reports:

file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.

References

CVE Name CVE-2014-1943
Message http://mx.gw.com/pipermail/file/2014/001327.html