Medium severity6.5NVD Advisory· Published Jul 17, 2012· Updated Jun 16, 2026
CVE-2012-1571
CVE-2012-1571
Description
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*range: <=5.10
- (no CPE)range: <5.11
- cpe:2.3:a:tim_robbins:libmagic:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- mx.gw.com/pipermail/file/2012/000914.htmlnvdPatch
- github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295nvdExploitPatch
- github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0bnvdExploitPatch
- www.debian.org/security/2012/dsa-2422nvd
- www.mandriva.com/security/advisoriesnvd
- www.ubuntu.com/usn/USN-2123-1nvd
News mentions
0No linked articles in our index yet.