Mandrake Linux Security Advisory : file (MDKSA-2007:067)

Jean-Sebastien Guay-Leroux discovered an integer underflow in the fileprintf function in file prior to 4.20 that allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. Updated packages have been patched to address this issue. %NASLMINLEVEL...

CentOS 4 : file (CESA-2007:0124)

An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data...

file security update

CentOS Errata and Security Advisory CESA-2007:0124 An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a...

Moderate: Red Hat Security Advisory: file security update

An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The file command is used to identify a particular file according to the type of data...

file 4.20 fixes a heap overflow in that can result in arbitrary code execution

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

CVE-2007-0654

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

CVE-2007-0654

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

Design/Logic Flaw

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

CVE-2007-0654

XMMS 1.2.10 contains an integer underflow in the BMP skin header processing, leading to a stack-based buffer overflow that enables remote code execution. Affected files: the skin bitmap handling code within XMMS; impact includes arbitrary code execution on the affected system. Public advisories a...

CVE-2007-0654

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

CVE-2007-1536

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

CVE-2007-1536

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

CVE-2007-1536

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

Design/Logic Flaw

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

CVE-2007-1536

Integer underflow in the fileprintf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow...

CVE-2007-1536

The CVE-2007-1536 issue is an integer underflow in the file_printf() function of the file(1) utility (used by The Sleuth Kit). This can cause a heap-based buffer overflow when processing crafted files, potentially allowing arbitrary code execution with the invoked user’s privileges. Public adviso...

File(1) 4.13 - Command File_PrintF Integer Underflow

File1 4.13 - Command FilePrintF Integer Underflow // source: https://www.securityfocus.com/bid/23021/info The file1 command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory...

File(1) 4.13 - Command File_PrintF Integer Underflow

// source: https://www.securityfocus.com/bid/23021/info The file1 command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitrary code with the privileges of ...

NSS: SSLv2 protocol buffer overflows

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

tcpdump - Print-bgp.C Remote Integer Underflow

tcpdump - Print-bgp.C Remote Integer Underflow // source: https://www.securityfocus.com/bid/24965/info The 'tcpdump' utility is prone to an integer-underflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. An attacke...