Mandriva: 2014:116: file

Posted by bob on Jun 11, 2014 7:05 AM EDT
LinuxSecurity.com; By Benjamin D. Thomas 		Mail this story
Print this story

A flaw was found in the way file's Composite Document Files (CDF) format parser handle CDF files with many summary info entries. The cdf_unpack_summary_info() function unnecessarily repeatedly read the info from the same offset. This led to many file_printf() calls in cdf_file_property_info(), which caused file to use an excessive amount of CPU time when parsing a specially-crafted CDF file (CVE-2014-0237).]

Full Story

  Nav
» Read more about: Story Type: News Story, Security; Groups: Developer, Mandriva

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.