CVE-2004-1304

file - Stack-Based Buffer Overflow in ELF Header Parsing

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1304. PoCs published by anonymous.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in the 'file' command (CVE-2004-1304) due to improper string length validation, potentially allowing arbitrary code execution. However, no actual exploit code is included in the snippet.

Description

Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.

Exploits (1)

exploitdb WRITEUP VERIFIED
by anonymous · textremotelinux
https://www.exploit-db.com/exploits/24784

The provided text describes a buffer overflow vulnerability in the 'file' command (CVE-2004-1304) due to improper string length validation, potentially allowing arbitrary code execution. However, no actual exploit code is included in the snippet.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: file command (versions prior to fix for CVE-2004-1304)
No auth needed
Prerequisites: Victim must process a malicious file with the vulnerable 'file' command
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Various Sources vendor-advisory x_refsource_trustix
http://www.trustix.net/errata/2004/0063/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1012433
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11771
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18368

Scores

EPSS 0.1140
EPSS Percentile 95.5%

Details

Status published
Products (16)
file/file 4.0
file/file 4.1
file/file 4.2
file/file 4.3
file/file 4.4
file/file 4.5
file/file 4.6
file/file 4.7
file/file 4.8
file/file 4.9
... and 6 more
Published Jan 10, 2005
Tracked Since Feb 18, 2026