CVE-2012-1571

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-1571 at MITRE

Description

file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)

SUSE information

SUSE Bugzilla entries: 753303, 883306, 884986

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.4
  • file >= 5.04-13.1
  • file-32bit >= 5.04-13.1
  • file-debuginfo >= 5.04-13.1
  • file-debuginfo-32bit >= 5.04-13.1
  • file-debugsource >= 5.04-13.1
  • file-devel >= 5.04-13.1
  • python-magic >= 5.04-13.1
  • python-magic-debuginfo >= 5.04-13.1
  • python-magic-debugsource >= 5.04-13.1
Patchnames:
openSUSE-2012-221