MGASA-2014-0354
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 26 Aug 2014, 23:04
Last modified:16 Apr 2026, 06:26
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
26 Aug 2014, 23:04
Published
Vulnerability first disclosed
16 Apr 2026, 06:26
Last Modified
Vulnerability information updated
Description
Updated file packages fix CVE-2014-3587 Updated file packages fix security vulnerability: A flaw was found in the way file uses cdf_read_property_info function when checks stream offsets for certain Composite Document Format (CDF). An insufficient input validation flaw for p and q minimal and maximal value, leads to a pointer overflow. This issue only affects 32bit systems (CVE-2014-3587).
Affected Systems
- mageia•file
< 5.12-8.7.mga3
- mageia•file
< 5.16-1.6.mga4