CVE-2014-3710 (retired)

Priority
Description
The donote function in readelf.c in file through 5.20, as used in the
Fileinfo component in PHP 5.4.34, does not ensure that sufficient note
headers are present, which allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted ELF file.
Assigned-to
mdeslaur
Notes
Package
Source: file (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Upstream:https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
More Information

Updated: 2019-10-09 07:50:33 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)