VDB
GCVE-110-MAGEIA-2014-282
GCVE-110-MAGEIA-2014-282
Advisory Published
A flaw was found in the way file parsed property information from Composite
Document Files (CDF) files, where the mconvert() function did not correctly
compute the truncated pascal string size (CVE-2014-3478).
Multiple flaws were found in the way file parsed property information from
Composite Document Files (CDF) files, due to insufficient boundary checks
on buffers (CVE-2014-3479, CVE-2014-3480, CVE-2014-3487).
Note: these issues were announced as part of the upstream PHP 5.4.30
release, as PHP bundles file's libmagic library. Their announcement also
references an issue in CDF file parsing, CVE-2014-0207, which was
previously fixed in the file package in MGASA-2014-0252, but was not
announced at that time.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | file | 0 (affected), 5.16-1.4.mga4 (unaffected) | — |
| Mageia | file | 0 (affected), 5.12-8.5.mga3 (unaffected) | — |
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.