| Revision Date: | 2016-05-16 | Version: | 1 | | Title: | CVE-2015-4604 on Ubuntu 16.04 LTS (xenial) - low. | | Description: | The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2015-4604
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT file package in xenial, while related to the CVE in some way, is not affected.
OR NOT libmagic1 package in xenial, while related to the CVE in some way, is not affected.
OR NOT python-magic package in xenial, while related to the CVE in some way, is not affected.
OR NOT python3-magic package in xenial, while related to the CVE in some way, is not affected.
|
|