CVE-2014-9620

NONE EPSS 90.7%
Published Jan 21, 201511y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Jan 21, 2015 11y ago
Last Modified Jun 17, 2026 2w ago

Description

The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.

Threat Intelligence

EPSS Exploit Probability
90.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-399

Affected Products 14

VendorProductVersionRange
file_projectfile5.08any
file_projectfile5.09any
file_projectfile5.10any
file_projectfile5.11any
file_projectfile5.12any
file_projectfile5.13any
file_projectfile5.14any
file_projectfile5.15any
file_projectfile5.16any
file_projectfile5.17any
file_projectfile5.18any
file_projectfile5.19any
file_projectfile5.20any
file_projectfile5.21any

References 11

  • advisories.mageia.org http://advisories.mageia.org/MGASA-2015-0040.html
  • mx.gw.com http://mx.gw.com/pipermail/file/2014/001653.html
  • mx.gw.com http://mx.gw.com/pipermail/file/2015/001660.html
    Vendor Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-0760.html
  • debian.org http://www.debian.org/security/2015/dsa-3121
  • openwall.com http://www.openwall.com/lists/oss-security/2015/01/17/9
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
  • securityfocus.com http://www.securityfocus.com/bid/71715
  • github.com https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
  • security.gentoo.org https://security.gentoo.org/glsa/201503-08
  • usn.ubuntu.com https://usn.ubuntu.com/3686-1/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.