Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3686-1
HistoryJun 14, 2018 - 12:00 a.m.

file vulnerabilities

2018-06-1400:00:00
ubuntu.com
47

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

Releases

  • Ubuntu 18.04 ESM
  • Ubuntu 17.10
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • file - Tool to determine file types

Details

Alexander Cherepanov discovered that file incorrectly handled a large
number of notes. An attacker could use this issue to cause a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9620)

Alexander Cherepanov discovered that file incorrectly handled certain long
strings. An attacker could use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9621)

Alexander Cherepanov discovered that file incorrectly handled certain
malformed ELF files. An attacker could use this issue to cause a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS. (CVE-2014-9653)

It was discovered that file incorrectly handled certain magic files. An
attacker could use this issue with a specially crafted magic file to cause
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 LTS. (CVE-2015-8865)

It was discovered that file incorrectly handled certain malformed ELF
files. An attacker could use this issue to cause a denial of service.
(CVE-2018-10360)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchfile< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu18.04noarchfile-dbgsym< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu18.04noarchlibmagic-dev< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu18.04noarchlibmagic-mgc< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu18.04noarchlibmagic1< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu18.04noarchlibmagic1-dbgsym< 1:5.32-2ubuntu0.1UNKNOWN
Ubuntu17.10noarchfile< 1:5.32-1ubuntu0.1UNKNOWN
Ubuntu17.10noarchfile-dbgsym< 1:5.32-1ubuntu0.1UNKNOWN
Ubuntu17.10noarchlibmagic-dev< 1:5.32-1ubuntu0.1UNKNOWN
Ubuntu17.10noarchlibmagic-mgc< 1:5.32-1ubuntu0.1UNKNOWN
Rows per page:
1-10 of 301

Related

openvas 40
cloudfoundry 1
nessus 64
mageia 4
ubuntucve 6
fedora 4
ubuntu 1
amazon 2
gentoo 3
prion 6
debian 5
cve 6
securityvulns 2
cvelist 6
debiancve 6
altlinux 1
veracode 4
nvd 6
f5 3
redhat 5
osv 5
hackerone 1
slackware 1
oraclelinux 2
redhatcve 2
centos 2
ibm 2
alpinelinux 1
rosalinux 1
suse 3
photon 3
archlinux 1
openvas
openvas
Ubuntu: Security Advisory (USN-3686-1)
2018-06-15 00:00:00
Mageia: Security Advisory (MGASA-2015-0030)
2022-01-28 00:00:00
Fedora Update for file FEDORA-2015-2020
2015-02-19 00:00:00
cloudfoundry
cloudfoundry
USN-3686-1: file vulnerabilities | Cloud Foundry
2018-06-20 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : file vulnerabilities (USN-3686-1)
2018-06-15 00:00:00
SUSE SLED12 / SLES12 Security Update : file (SUSE-SU-2017:3048-1)
2017-11-27 00:00:00
Fedora 21 : file-5.22-2.fc21 (2015-2020)
2015-02-18 00:00:00
mageia
mageia
Updated file packages fix security vulnerabilities
2015-01-19 19:47:36
Updated file packages fix a security vulnerability
2018-06-25 01:02:29
Updated php packages fix security vulnerabilities
2015-01-28 00:08:29
ubuntucve
ubuntucve
CVE-2014-9621
2015-01-21 00:00:00
CVE-2014-9653
2015-03-30 00:00:00
CVE-2014-9620
2015-01-21 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: file-5.22-2.fc21
2015-02-18 05:55:37
[SECURITY] Fedora 28 Update: file-5.33-6.fc28
2018-06-16 20:20:29
[SECURITY] Fedora 27 Update: file-5.31-12.fc27
2018-06-28 13:35:15
ubuntu
ubuntu
file vulnerabilities
2018-06-28 00:00:00
amazon
amazon
Medium: file
2015-03-23 08:32:00
Low: file
2020-07-14 02:34:00
gentoo
gentoo
file: Denial of service
2015-03-16 00:00:00
file: Multiple vulnerabilities
2017-01-17 00:00:00
file: Denial of service
2018-06-23 00:00:00
prion
prion
Design/Logic Flaw
2015-01-21 18:59:00
Design/Logic Flaw
2015-01-21 18:59:00
Design/Logic Flaw
2015-03-30 10:59:00
debian
debian
[SECURITY] [DLA 204-1] file security update
2015-04-19 13:06:12
[SECURITY] [DLA 460-1] file security update
2016-05-07 14:23:47
[SECURITY] [DSA 3196-1] file security update
2015-03-18 17:58:15
cve
cve
CVE-2014-9653
2015-03-30 10:59:03
CVE-2014-9621
2015-01-21 18:59:07
CVE-2014-9620
2015-01-21 18:59:05
securityvulns
securityvulns
[SECURITY] [DSA 3196-1] file security update
2015-03-18 00:00:00
libmagic / file / fileinfo / PHP security vulnerabilities
2015-03-18 00:00:00
cvelist
cvelist
CVE-2014-9653
2015-03-30 10:00:00
CVE-2014-9620
2015-01-21 18:00:00
CVE-2014-9621
2015-01-21 18:00:00
debiancve
debiancve
CVE-2014-9621
2015-01-21 18:59:07
CVE-2014-9653
2015-03-30 10:59:03
CVE-2014-9620
2015-01-21 18:59:05
altlinux
altlinux
Security fix for the ALT Linux 8 package file version 4.26-alt13
2017-03-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:29:34
Denial Of Service (DoS)
2020-09-21 06:26:50
Denial Of Service (DoS)
2019-05-02 05:29:34
nvd
nvd
CVE-2014-9620
2015-01-21 18:59:05
CVE-2014-9621
2015-01-21 18:59:07
CVE-2014-9653
2015-03-30 10:59:03
f5
f5
K50899356 : file vulnerability CVE-2018-10360
2022-05-05 00:00:00
SOL54924436 - PHP vulnerability CVE-2015-8865
2016-06-10 00:00:00
K54924436 : PHP vulnerability CVE-2015-8865
2016-06-10 00:00:00
redhat
redhat
(RHSA-2020:1022) Low: file security update
2020-03-31 09:09:44
(RHSA-2020:2521) Low: file security update
2020-06-10 21:33:07
(RHSA-2020:2768) Low: file security update
2020-06-30 11:41:08
osv
osv
file - security update
2015-04-19 00:00:00
file - security update
2016-05-07 00:00:00
CVE-2018-10360
2018-06-11 10:29:00
hackerone
hackerone
Internet Bug Bounty: Buffer over-write in finfo_open with malformed magic file.
2019-01-07 20:34:26
slackware
slackware
[slackware-security] file
2018-07-31 07:34:02
oraclelinux
oraclelinux
file security update
2020-04-06 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
redhatcve
redhatcve
CVE-2018-10360
2018-06-15 20:48:40
CVE-2019-8905
2020-03-04 19:33:44
centos
centos
file, python security update
2020-04-08 18:00:55
file, python security update
2016-05-16 10:13:44
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection
2018-06-16 21:43:49
Security Bulletin: File vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
alpinelinux
alpinelinux
CVE-2019-8905
2019-02-18 17:29:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1833
2021-07-02 16:40:28
suse
suse
Security update for file (moderate)
2019-03-18 00:00:00
Security update for file (moderate)
2019-04-12 00:00:00
Security update for php5 (moderate)
2018-09-12 12:08:47
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0080
2018-08-03 00:00:00
Moderate Photon OS Security Update - PHSA-2018-0080
2018-08-03 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0171
2018-08-03 00:00:00
archlinux
archlinux
[ASA-201903-5] file: multiple issues
2019-03-03 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON
Related for USN-3686-1
openvas40cloudfoundry1nessus64mageia4ubuntucve6fedora4ubuntu1amazon2gentoo3prion6debian5cve6securityvulns2cvelist6debiancve6altlinux1veracode4nvd6f53redhat5osv5hackerone1slackware1oraclelinux2redhatcve2centos2ibm2alpinelinux1rosalinux1suse3photon3archlinux1