CVE-2012-1571 - OpenCVE

file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Christos Zoulas	File
Redhat	Enterprise Linux
Tim Robbins	Libmagic

Configuration 1 [-]

OR	cpe:2.3:a:christos_zoulas:file::::::::
	cpe:2.3:a:tim_robbins:libmagic::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
php53-0:5.3.3-23.el5_10	cpe:/o:redhat:enterprise_linux:5	RHSA-2014:1012	2014-08-06T00:00:00Z
Red Hat Enterprise Linux 6
php-0:5.3.3-27.el6_5.1	cpe:/o:redhat:enterprise_linux:6	RHSA-2014:1012	2014-08-06T00:00:00Z
file-0:5.04-21.el6	cpe:/o:redhat:enterprise_linux:6	RHSA-2014:1606	2014-10-13T00:00:00Z

References

Link	Providers
http://mx.gw.com/pipermail/file/2012/000914.html
http://www.debian.org/security/2012/dsa-2422
http://www.mandriva.com/security/advisories?name=MDVSA-2012:035
http://www.ubuntu.com/usn/USN-2123-1
https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b
https://nvd.nist.gov/vuln/detail/CVE-2012-1571
https://www.cve.org/CVERecord?id=CVE-2012-1571

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-07-17T21:00:00

Updated: 2024-08-06T19:01:02.472Z

Reserved: 2012-03-12T00:00:00

Link: CVE-2012-1571

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-07-17T21:55:01.413

Modified: 2014-03-08T04:55:12.187

Link: CVE-2012-1571

Redhat

Severity : Low

Publid Date: 2012-02-16T00:00:00Z

Links: CVE-2012-1571 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-02-21T00:00:00", "descriptions": [{"lang": "en", "value": "file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-03-05T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-2422", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2422"}, {"name": "MDVSA-2012:035", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b"}, {"name": "[file] 20120221 file-5.11 is now available", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mx.gw.com/pipermail/file/2012/000914.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295"}, {"name": "USN-2123-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2123-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1571", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-2422", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2422"}, {"name": "MDVSA-2012:035", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035"}, {"name": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b", "refsource": "CONFIRM", "url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b"}, {"name": "[file] 20120221 file-5.11 is now available", "refsource": "MLIST", "url": "http://mx.gw.com/pipermail/file/2012/000914.html"}, {"name": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295", "refsource": "CONFIRM", "url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295"}, {"name": "USN-2123-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2123-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:01:02.472Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-2422", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2422"}, {"name": "MDVSA-2012:035", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b"}, {"name": "[file] 20120221 file-5.11 is now available", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mx.gw.com/pipermail/file/2012/000914.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295"}, {"name": "USN-2123-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2123-1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1571", "datePublished": "2012-07-17T21:00:00", "dateReserved": "2012-03-12T00:00:00", "dateUpdated": "2024-08-06T19:01:02.472Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D83F9EC-3ED0-45B4-B928-0B664ED4ED46", "versionEndIncluding": "5.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:tim_robbins:libmagic:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D83103B-2316-4943-8082-FC4CDC754256", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference."}, {"lang": "es", "value": "archivo antes de v5.11 y libmagic permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un archivo de documento elaborado compuesto (CDF) que activa (1) una lectura fuera de l\u00edmites o (2) una desreferencia de puntero no v\u00e1lido."}], "id": "CVE-2012-1571", "lastModified": "2014-03-08T04:55:12.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-07-17T21:55:01.413", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://mx.gw.com/pipermail/file/2012/000914.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2422"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:035"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2123-1"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2014:1012", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "php53-0:5.3.3-23.el5_10", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2014-08-06T00:00:00Z"}, {"advisory": "RHSA-2014:1012", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "php-0:5.3.3-27.el6_5.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-08-06T00:00:00Z"}, {"advisory": "RHSA-2014:1606", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "file-0:5.04-21.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-10-13T00:00:00Z"}], "bugzilla": {"description": "file: out of bounds read in CDF parser", "id": "805197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=805197"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-122", "details": ["file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.", "A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file."], "name": "CVE-2012-1571", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "cdrtools", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "file", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "rpm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "file", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:1", "fix_state": "Not affected", "package_name": "php54-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:1", "fix_state": "Not affected", "package_name": "php55-php", "product_name": "Red Hat Software Collections"}], "public_date": "2012-02-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-1571\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-1571"], "statement": "This issue did not affect the versions of the php and file packages as shipped with Red Hat Enterprise Linux 5 and 7.", "threat_severity": "Low", "upstream_fix": "file 5.11"}