Mandriva Linux Security Advisory : file (MDVSA-2014:167)
Medium Nessus Plugin ID 77646
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated file packages fix security vulnerability :
A flaw was found in the way file uses cdf_read_property_info function when checks stream offsets for certain Composite Document Format (CDF). An insufficient input validation flaw for p and q minimal and maximal value, leads to a pointer overflow. This issue only affects 32bit systems (CVE-2014-3587).
SolutionUpdate the affected packages.