cpe:/a:christos_zoulas:file:5.00 CVE-2009-1515 2009-05-04T12:30:00.233-04:00 2009-11-13T02:12:14.390-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-05T05:43:00.000-04:00 BID 34745 SECUNIA 34881 OSVDB 54100 MANDRIVA MDVSA-2009:129 MLIST [file] 20090501 file 5.01 is now available CONFIRM ftp://ftp.astron.com/pub/file/file-5.01.tar.gz MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515603 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820 Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information.