CVE-2007-2799
CVE-2007-2799
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.aschttp://docs.info.apple.com/article.html?artnum=307562http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlhttp://osvdb.org/38498https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022http://secunia.com/advisories/25394http://secunia.com/advisories/25544http://secunia.com/advisories/25578http://secunia.com/advisories/25931http://secunia.com/advisories/26203http://secunia.com/advisories/26294http://secunia.com/advisories/26415