CVE-2007-1536

2007-03-20 21:19:00 2018-10-16 18:38:58

Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

File File 4.19 (not an official CPE)

File - File

Advisory	Patch	Confirmed	Link
			openbsd-file-bo(36283)
			https://issues.rpath.com/browse/RPL-1148
			ADV-2007-1040
			ADV-2007-1939
			https://bugs.gentoo.org/show_bug.cgi?id=171452
			USN-439-1
			1017796
			23021
			20070828 Re: OpenBSD 4.1 - Heap overflow vulnerabillity
			20070825 OpenBSD 4.1 - Heap overflow vulnerabillity
			SUSE-SR:2007:005
			RHSA-2007:0124
			MDKSA-2007:067
			SUSE-SA:2007:040
			http://support.avaya.com/elmodocs2/security/ASA-2007-179...
			VU#606700
			DSA-1274
			SSA:2007-093-01
			FreeBSD-SA-07:04
			GLSA-200703-26
			GLSA-200710-19
			[4.0] 20070709 015: SECURITY FIX: July 9, 2007
			[file] 20070302 file-4.20 is now available
			APPLE-SA-2007-05-24
			http://docs.info.apple.com/article.html?artnum=305530
			NetBSD-SA2008-001

CVE-2007-1536

2007-03-20 21:19:00 2018-10-16 18:38:58

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)