Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-2799
HistoryMay 23, 2007 - 12:00 a.m.

CVE-2007-2799

2007-05-2300:00:00
ubuntu.com
ubuntu.com
16

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.049

Percentile

92.8%

Integer overflow in the โ€œfileโ€ program 4.20, when running on 32-bit
systems, as used in products including The Sleuth Kit, might allow
user-assisted attackers to execute arbitrary code via a large file that
triggers an overflow that bypasses an assert() statement. NOTE: this issue
is due to an incorrect patch for CVE-2007-1536.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchfile<ย 4.16-0ubuntu3.2UNKNOWN
ubuntu6.10noarchfile<ย 4.17-2ubuntu1.2UNKNOWN
ubuntu7.04noarchfile<ย 4.19-1ubuntu2.1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.049

Percentile

92.8%