Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23167
HistoryApr 10, 2020 - 12:18 a.m.

Arbitrary Code Execution

2020-04-1000:18:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
file utility
vulnerability
arbitrary code execution
integer underflow

EPSS

0.049

Percentile

92.8%

file is vulnerable to arbitrary code execution. The vulnerability exists as the fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution.

References