Mandriva Linux Security Advisory 2009-129 - Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a.msi,.doc, or.mpp file. NOTE: some of these details are obtained from third party information. This update provides file-5.03, which is not vulnerable to this, and other unspecified issues.
e0115bbf74e3e735b6066658c896eb55ff06da615dc8d4f7798324a7c7b20202