CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
92.8%
Integer overflow in the โfileโ program 4.20, when running on 32-bit
systems, as used in products including The Sleuth Kit, might allow
user-assisted attackers to execute arbitrary code via a large file that
triggers an overflow that bypasses an assert() statement. NOTE: this issue
is due to an incorrect patch for CVE-2007-1536.