{"id":"MGASA-2014-0123","summary":"Updated file packages fix CVE-2014-2270","details":"Updated file packages fix security vulnerability:\n\nA flaw was found in the way the file utility determined the type of Portable\nExecutable (PE) format files, the executable format used on Windows. A\nmalicious PE file could cause the file utility to crash or, potentially,\nexecute arbitrary code (CVE-2014-2270).\n\nA memory leak in file has also been fixed.\n","modified":"2026-04-16T06:22:46.238581287Z","published":"2014-03-07T14:18:43Z","upstream":["CVE-2014-2270"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0123.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072220"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2014/03/05/7"},{"type":"WEB","url":"https://github.com/file/file/commit/c0c0032b9e9eb57b91fefef905a3b018bab492d9"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12944"}],"affected":[{"package":{"name":"file","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/file?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.12-8.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0123.json"}},{"package":{"name":"file","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/file?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.16-1.2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0123.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}