1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
PublicDate: 2007-05-23
Candidate: CVE-2007-2799
References:
http://www.ubuntu.com/usn/usn-439-2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799
Description:
Integer overflow in the "file" program 4.20, when running on 32-bit
systems, as used in products including The Sleuth Kit, might allow
user-assisted attackers to execute arbitrary code via a large file that
triggers an overflow that bypasses an assert() statement. NOTE: this issue
is due to an incorrect patch for CVE-2007-1536.
Ubuntu-Description:
Notes:
Bugs:
dapper_file: released (4.16-0ubuntu3.2)
edgy_file: released (4.17-2ubuntu1.2)
feisty_file: released (4.19-1ubuntu2.1)
devel_file: released (4.21-1)
upstream_file:
|