Vulnerability CVE-2009-1515

Vulnerability Name:

CVE-2009-1515 (CCN-50244)

Assigned:

2009-04-27

Published:

2009-04-27

Updated:

2009-11-13

Summary:

Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file.
Note: some of these details are obtained from third party information.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: file FTP site
file

Source: CONFIRM
Type: UNKNOWN
ftp://ftp.astron.com/pub/file/file-5.01.tar.gz

Source: MISC
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515603

Source: CCN
Type: Debian Bug report logs - #525820
/usr/bin/file: Crashes when run on an msi file

Source: MISC
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820

Source: MITRE
Type: CNA
CVE-2009-1515

Source: MLIST
Type: UNKNOWN
[file] 20090501 file 5.01 is now available

Source: CCN
Type: SA34881
file "cdf_read_sat()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
34881

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:129

Source: OSVDB
Type: UNKNOWN
54100

Source: CCN
Type: OSVDB ID: 54100
Christos Zoulas file src/cdf.c cdf_read_sat() Function Overflow

Source: CCN
Type: OSVDB ID: 60000
Christos Zoulas file Compound Document (CDF) Handling Multiple Overflows

Source: BID
Type: Exploit
34745

Source: CCN
Type: BID-34745
file 'cdf_read_sat()' Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
file-cdfreadsat-bo(50244)

Vulnerable Configuration:

Configuration 1:

cpe:/a:christos_zoulas:file:5.00:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK