Hacker News | Bentech's comments

I wonder if this counts for 'file' as well


Yes, for example this bug affects 'file': https://sourceware.org/bugzilla/show_bug.cgi?id=16825

The code in 'file' tries to parse the given file with every built-in format loader, so there are likely many more vulnerabilities like this one.


I don't think so. "file" only needs to read the first few bytes at the beginning of a file to guess what type of file it is, so it isn't likely to have any buffer overflow problems.


You might think so, but 'file' has its share of buffer overflows, integer overflows, attacker-inducible infinite loops, etc. It does some more extensive parsing for some kinds of files, and some of those end up with edge cases. Here's one from two days ago, a buffer overrun in parsing ELF files: https://access.redhat.com/security/cve/CVE-2014-3710. Others: https://security-tracker.debian.org/tracker/source-package/f...

