CVE-2003-0102
file - buffer overflow
EPSS 5.7%
Description
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
How to fix CVE-2003-0102
To remediate CVE-2003-0102, upgrade the affected package to one of the fixed versions listed below.
- Debian/file: upgrade to 3.40-1.1 or later
- Debian/file: upgrade to 3.37-3.1.woody.1 or later
Is CVE-2003-0102 being exploited?
Moderate — EPSS is 5.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 3.40-1.1
- from 0, < 3.37-3.1.woody.1