file

• Author: voroskoi
• Vulnerable: 4.20-1
• Unaffected: 4.21-1terminus1

A vulnerability has been reported in file, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified integer underflow within the “file_printf” function, which can be exploited to cause a heap-based buffer overflow.

• Bug Tracker URL: http://bugs.frugalware.org/task/2119

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799