CVE-2014-9621

Published: Jan 21, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.

Affected (6)

Products: File Project: File

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
File Project File	Version 5.16
File Project File	Version 5.17
File Project File	Version 5.18
File Project File	Version 5.19
File Project File	Version 5.20
File Project File	Version 5.21

Related CWEs

References (14)

http://advisories.mageia.org/MGASA-2015-0040.html

Source: cve@mitre.org

http://mx.gw.com/pipermail/file/2014/001654.html

Source: cve@mitre.org

http://mx.gw.com/pipermail/file/2015/001660.html

Source: cve@mitre.org

Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/01/17/9

Source: cve@mitre.org

https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c

Source: cve@mitre.org

https://security.gentoo.org/glsa/201503-08

Source: cve@mitre.org

https://usn.ubuntu.com/3686-1/

Source: cve@mitre.org

http://advisories.mageia.org/MGASA-2015-0040.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://mx.gw.com/pipermail/file/2014/001654.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://mx.gw.com/pipermail/file/2015/001660.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/01/17/9

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201503-08

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/3686-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.