file
Page content
- Author: kikadf
- Vulnerable: 5.14-2arcturus1
- Unaffected: 5.14-2arcturus2
Aaron Reffett reported a flaw in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. When processing a defective or intentionally prepared PE executable which contains invalid offset information, the file_strncmp routine will access memory that is out of bounds, causing file to crash.