Описание
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4.16-0ubuntu3.2 |
| devel | released | 4.21-1 |
| edgy | released | 4.17-2ubuntu1.2 |
| feisty | released | 4.19-1ubuntu2.1 |
| upstream | needs-triage |
Показывать по
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
Integer overflow in the "file" program 4.20, when running on 32-bit sy ...
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
ELSA-2007-0391: Moderate: file security update (MODERATE)
EPSS
5.1 Medium
CVSS2