CVE-2007-1536
published 2007-03-20CVE-2007-1536: Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
EXPLOIT
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | file | < file 4.20-1 (bookworm) | file 4.20-1 (bookworm) |
| debian | file | < file 4.21-1 (bookworm) | file 4.21-1 (bookworm) |
| file | file | <= 4.19 | — |
| file | file | — | — |
| file_project | file | >= 0 < 4.21-1 | 4.21-1 |
| file_project | file | >= 0 < 4.20-1 | 4.20-1 |
| file_project | file | >= 0 < 4.21-1 | 4.21-1 |
| file_project | file | >= 0 < 4.20-1 | 4.20-1 |
| file_project | file | >= 0 < 4.21-1 | 4.21-1 |
| file_project | file | >= 0 < 4.20-1 | 4.20-1 |
| file_project | file | >= 0 < 4.21-1 | 4.21-1 |
| file_project | file | >= 0 < 4.20-1 | 4.20-1 |
CVSS provenance
nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL