ID |
CVE-2014-8116
|
Summary |
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*
cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*
-
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
-
cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 05-01-2018 - 02:29) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-399 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
redhat
via4
|
advisories | | rpms | - file-0:5.11-31.el7
- file-debuginfo-0:5.11-31.el7
- file-devel-0:5.11-31.el7
- file-libs-0:5.11-31.el7
- file-static-0:5.11-31.el7
- python-magic-0:5.11-31.el7
- file-0:5.04-30.el6
- file-debuginfo-0:5.04-30.el6
- file-devel-0:5.04-30.el6
- file-libs-0:5.04-30.el6
- file-static-0:5.04-30.el6
- python-magic-0:5.04-30.el6
|
|
refmap
via4
|
bid | 71700 | confirm | | freebsd | FreeBSD-SA-14:28 | mlist | [oss-security] 20141216 file(1): multiple denial of service issues (resource consumption), CVE-2014-8116 and CVE-2014-8117 | sectrack | 1031344 | secunia | | ubuntu | USN-2494-1 |
|
Last major update |
05-01-2018 - 02:29 |
Published |
17-12-2014 - 19:59 |
Last modified |
05-01-2018 - 02:29 |