Upstream information
Description
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 4.6 |
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
SUSE Security Advisories:
- SuSE-SA:2003:017, published Friday, Mar 21th 2003 10:10 MET
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 00:17:16 2013CVE page last modified: Wed Mar 26 11:13:43 2025