Package : file Version : 5.04-5+squeeze8 CVE ID : CVE-2014-3710 Debian Bug : 768806 Francisco Alonso of Red Hat Product Security found an issue in the file utility: when checking ELF files, note headers are incorrectly checked, thus potentially allowing attackers to cause a denial of service (out-of-bounds read and application crash) by supplying a specially crafted ELF file. For the long-term stable distribution (squeeze-lts), this problem has been fixed in version 5.04-5+squeeze8.
Attachment:
signature.asc
Description: Digital signature