LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

file: arbitrary code execution

Package(s):file CVE #(s):CVE-2007-1536
Created:March 22, 2007 Updated:May 30, 2007
Description: The "file" utility incorrectly checks the allocated heap memory size. If a remote attacker can trick a user into looking at specially crafted files with file, arbitrary code can be executed with the user's privileges.
Alerts:
Red Hat RHSA-2007:0391-01 2007-05-30
Slackware SSA:2007-093-01 2007-04-04
Gentoo 200703-26 2007-03-30
Debian DSA-1274-1 2007-04-02
Fedora FEDORA-2007-391 2007-03-30
Red Hat RHSA-2007:0124-01 2007-03-23
Mandriva MDKSA-2007:067 2007-03-22
rPath rPSA-2007-0059-1 2007-03-22
Ubuntu USN-439-1 2007-03-21
(Log in to post comments)

file: arbitrary code execution

Posted Mar 29, 2007 7:14 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

Mandriva date should probably read 2007-03-22

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds