Ubuntu Update For File USN-2123-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-1571) Bernd Melchers discovered that file incorrectly handled indirect offset values. An attacker could use this issue to cause file to consume resources or crash, resulting in a denial of service. (CVE-2014-1943)

Affected

file on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-February/002417.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1571, CVE-2014-1943
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for apt USN-1385-1
Ubuntu Update for apt USN-2246-1
Ubuntu Update for clamav USN-1179-1
Ubuntu Update for ceilometer USN-2311-2
Ubuntu Update for cinder USN-2208-1

Ubuntu Update for file USN-2123-1

Take action and discover your vulnerabilities