CVE-2007-2799

EPSS 3.5%

file

Published: 5/23/2007Modified: 4/28/2026

Also known as:DEBIAN-CVE-2007-2799

Description

Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.

Affected packages (3)

Debian/filefrom 0, < 4.21-1
Debian/filefrom 0, < 4.12-1sarge2
Debian/filefrom 0, < 4.17-5etch3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-2799