Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2799 | 2 File, Sleuth Kit | 2 File, The Sleuth Kith | 2024-11-21 | 5.1 MEDIUM | N/A |
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536. | |||||
CVE-2007-1536 | 1 File | 1 File | 2024-11-21 | 9.3 HIGH | N/A |
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. | |||||
CVE-2004-1304 | 3 File, Gentoo, Trustix | 3 File, Linux, Secure Linux | 2024-11-20 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | |||||
CVE-2003-0102 | 2 File, Netbsd | 2 File, Netbsd | 2024-11-20 | 4.6 MEDIUM | N/A |
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). |