FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

file -- out-of-bounds access in search rules with offsets from input file

Affected packages
file < 5.18

Details

VuXML ID 7e61a839-b714-11e3-8195-001966155bea
Discovery 2013-12-20
Entry 2014-03-29

Aaron Reffett reports:

softmagic.c in file ... and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

References

CVE Name CVE-2014-2270
URL http://bugs.gw.com/view.php?id=31