Computer Security
[EN] securityvulns.ru no-pyccku


file utilities integer overflow
Published:24.03.2007
Source:
SecurityVulns ID:7458
Type:local
Threat Level:
5/10
Affected:FILE : file 4.14
CVE:CVE-2007-2799 (Integer overflow in the "file" program 4.20, when running on 32-bit systems, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.)
 CVE-2007-1536 (Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod