Vulnerabilities > Christos Zoulas > File > 5.01
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-08-23 | CVE-2014-3587 | Numeric Errors vulnerability in multiple products Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. | 4.3 |
| 2014-07-09 | CVE-2014-3478 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. | 5.0 |
| 2012-07-17 | CVE-2012-1571 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. | 4.3 |
| 2009-11-10 | CVE-2009-3930 | Numeric Errors vulnerability in Christos Zoulas File Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow. | 9.3 |