CVE-2014-2270

Published: 14 March 2014

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

Priority

Medium

Notes

AuthorNote
mdeslaur
see regression fix in DSA-2873-2
The regression in the debian package is caused by a fix for
a different issue which does not seem to have a CVE number:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742262 (file regression 1)
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742265 (file regression 2)

References

Bugs