Download
| Alert*
|
oval:org.secpod.oval:def:1600989
do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ... oval:org.secpod.oval:def:89003255 This update for file fixes the following issues: The following security vulnerabilities were addressed: - Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service via a crafted ELF file . - CVE-2019-8905: Fixed a stack-based ... oval:org.secpod.oval:def:71093 The host is installed with Apple Mac OS X 10.14.3 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle bounds check issue. Successful exploitation allows an attacker to disclose user information. oval:org.secpod.oval:def:116061 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:116108 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:1901135 do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:704827 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:53540 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... |
