Description

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

Remediation

References

CVE-2014-2270

Related Vulnerabilities

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-5131)

Oracle Database Server Other Vulnerability (CVE-2005-0298)

TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5746)

WordPress Plugin S3 Video Cross-Site Scripting (0.982)

qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11811)

Severity

Medium

Classification

CVE-2014-2270 CWE-119

Tags

Missing Update Known Vulnerabilities