CVE-2012-1571

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-1571 at MITRE

Description

file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.30
Vector AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entries: 753303 [RESOLVED / FIXED], 883306 [RESOLVED / ], 884986 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.4
  • file >= 5.04-13.1
  • file-32bit >= 5.04-13.1
  • file-debuginfo >= 5.04-13.1
  • file-debuginfo-32bit >= 5.04-13.1
  • file-debugsource >= 5.04-13.1
  • file-devel >= 5.04-13.1
  • python-magic >= 5.04-13.1
  • python-magic-debuginfo >= 5.04-13.1
  • python-magic-debugsource >= 5.04-13.1
Patchnames:
openSUSE-2012-221