CVE-2007-1536

Published: 20/03/2007 Updated: 16/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer underflow in the file_printf function in the "file" program prior to 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.

Vulnerable Product

file file

Vendor Advisories

Jean-Sebastien Guay-Leroux discovered that “file” did not correctly check the size of allocated heap memory. If a user were tricked into examining a specially crafted file with the “file” utility, a remote attacker could execute arbitrary code with user privileges ...
Debian Bug report logs - #415362 Security fix included in GNU file 4.20 Package: file; Maintainer for file is Christoph Biedl <debianaxhn@manchmalin-ulmde>; Source for file is src:file (PTS, buildd, popcon) Reported by: "era eriksson" <era@ikifi> Date: Sun, 18 Mar 2007 19:51:02 UTC Severity: grave Tags: etch, pa ...
Debian Bug report logs - #428293 file - CVE-2007-2799: incorrect patch for CVE-2007-1536 Package: file; Maintainer for file is Christoph Biedl <debianaxhn@manchmalin-ulmde>; Source for file is src:file (PTS, buildd, popcon) Reported by: Bastian Blank <waldi@debianorg> Date: Sun, 10 Jun 2007 14:03:01 UTC Severity ...

Exploits

source: www.securityfocus.com/bid/23021/info The file(1) command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitrary code with the privileges of a user running the command. A successful attack may r ...

References

CWE-189
http://mx.gw.com/pipermail/file/2007/000161.html
https://bugs.gentoo.org/show_bug.cgi?id=171452
http://secunia.com/advisories/24548
https://issues.rpath.com/browse/RPL-1148
http://www.redhat.com/support/errata/RHSA-2007-0124.html
http://www.ubuntu.com/usn/usn-439-1
http://www.kb.cert.org/vuls/id/606700
http://www.securityfocus.com/bid/23021
http://www.securitytracker.com/id?1017796
http://secunia.com/advisories/24604
http://secunia.com/advisories/24616
http://secunia.com/advisories/24617
http://secunia.com/advisories/24592
http://security.gentoo.org/glsa/glsa-200703-26.xml
http://secunia.com/advisories/24608
http://www.debian.org/security/2007/dsa-1274
http://www.novell.com/linux/security/advisories/2007_5_sr.html
http://secunia.com/advisories/24723
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926
http://secunia.com/advisories/24754
http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm
http://secunia.com/advisories/25133
http://docs.info.apple.com/article.html?artnum=305530
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc
http://security.gentoo.org/glsa/glsa-200710-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:067
http://openbsd.org/errata40.html#015_file
http://www.novell.com/linux/security/advisories/2007_40_file.html
http://secunia.com/advisories/25393
http://secunia.com/advisories/25402
http://secunia.com/advisories/25931
http://secunia.com/advisories/25989
http://secunia.com/advisories/27307
http://secunia.com/advisories/27314
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
http://secunia.com/advisories/29179
http://www.vupen.com/english/advisories/2007/1040
http://www.vupen.com/english/advisories/2007/1939
https://exchange.xforce.ibmcloud.com/vulnerabilities/36283
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658
http://www.securityfocus.com/archive/1/477950/100/0/threaded
http://www.securityfocus.com/archive/1/477861/100/0/threaded
https://usn.ubuntu.com/439-1/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/29753/
https://www.kb.cert.org/vuls/id/606700