#VU32802 Buffer overflow in file - CVE-2012-1571

Cybersecurity Help s.r.o.

Published: 2012-07-18 | Updated: 2020-07-28

Vulnerability identifier: #VU32802

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-1571

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
file
Universal components / Libraries / Libraries used by multiple products

Vendor: Ian F. Darwin

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.

Mitigation
Install update from vendor's website.

Vulnerable software versions

file: 5.00 - 5.10

External links
https://mx.gw.com/pipermail/file/2012/000914.html
https://www.debian.org/security/2012/dsa-2422
https://www.mandriva.com/security/advisories?name=MDVSA-2012:035
https://www.ubuntu.com/usn/USN-2123-1
https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for php55

Amazon Linux AMI update for file

Gentoo update for file

Buffer overflow in file

Buffer overflow in file (Alpine package)