Mandriva Update For File MDVSA-2012:035 (file) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Multiple out-of heap-based buffer read flaws and invalid pointer dereference flaws were found in the way file, utility for determining of file types processed header section for certain Composite Document Format (CDF) files. A remote attacker could provide a specially-crafted CDF file, which once inspected by the file utility of the victim would lead to file executable crash (CVE-2012-1571). The updated packages for Mandriva Linux 2011 have been upgraded to the 5.11 version and the packages for Mandriva Linux 2010.2 has been patched to correct these issues.

Affected

file on Mandriva Linux 2011.0, Mandriva Linux 2010.1

Severity

Classification

CVE CVE-2012-1571
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:181 (bind)
Mandrake Security Advisory MDVSA-2009:167 (php)
Mandrake Security Advisory MDVSA-2009:200 (libxml)
Mandrake Security Advisory MDVSA-2009:002 (bind)
Mandrake Security Advisory MDVSA-2009:108 (zsh)

Mandriva Update for file MDVSA-2012:035 (file)

Take action and discover your vulnerabilities