CVE-2007-2452
Published 2007-06-04
Priority: P4 · 28 · medium · 6 · CVSS 2.0
AV:N/AC:M/Au:S/C:P/I:P/A:P
EPSS: 2.23% (80.5th percentile)
Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | findutils | < findutils 4.2.31-1 (bookworm) | findutils 4.2.31-1 (bookworm) |
| gnu | findutils | — | — |
| gnu | findutils | — | — |
| gnu | findutils | — | — |
| gnu | findutils | — | — |
| gnu | findutils | — | — |
| gnu | findutils | >= 0 < 4.2.31-1 | 4.2.31-1 |
| gnu | findutils | >= 0 < 4.2.31-1 | 4.2.31-1 |
| gnu | findutils | >= 0 < 4.2.31-1 | 4.2.31-1 |
| gnu | findutils | >= 0 < 4.2.31-1 | 4.2.31-1 |
CVSS provenance
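| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.0 | MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
| osv | — | 7.2 | HIGH | — |
| vendor_debian | — | 7.2 | LOW | — |
| vendor_redhat | — | 7.2 | HIGH | — |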
Debian
CVE-2007-2452 [HIGH]: findutils - Heap-based buffer overflow in the visit_old_format function in locate/locate.c i...
vendor_debian · 2007 · CVSS 7.2
Scope: local
bookworm: resolved (fixed in 4.2.31-1)
bullseye: resolved (fixed in 4.2.31-1)
forky: resolved (fixed in 4.2.31-1)
sid: resolved (fixed in 4.2.31-1)
trixie: resolved (fixed in 4.2.31-1)
Red Hat
CVE-2007-2452 [HIGH]: Heap-based buffer overflow in the visit_old_format function in locate/locate
vendor_redhat · CVSS 7.2
Statement: Not vulnerable. Red Hat did not ship GNU locate in Red Hat Enterprise Linux 2.1, 3, 4, or 5. This issue does not affect the mlocate or slocate packages that are supplied with Red Hat Enterprise Linux.
GHSA
CVE-2007-2452 [HIGH] GHSA-4cfr-8c5p-5jg6: Heap-based buffer overflow in the visit_old_format function in locate/locate
ghsa_unreviewed · 2022-05-01 · CVSS 7.2
OSV
CVE-2007-2452 [HIGH]: Heap-based buffer overflow in the visit_old_format function in locate/locate
osv · 2007-06-04 · CVSS 7.2
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
http://osvdb.org/36827
http://secunia.com/advisories/25477
http://secunia.com/advisories/40551
http://securityreason.com/securityalert/2760
http://www.securityfocus.com/archive/1/470108/100/0/threaded
http://www.securityfocus.com/bid/24250
http://www.securitytracker.com/id?1018183
http://www.vupen.com/english/advisories/2007/2015
http://www.vupen.com/english/advisories/2010/1796
https://exchange.xforce.ibmcloud.com/vulnerabilities/34628