Vulnerabilities

CVE-2007-2799

by Fred · 23/05/2007

Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.

Date published : 2007-05-23

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

http://www.securityfocus.com/bid/24146

Similar

Tags: Cybersecurity Alert