Vulnerabilites related to sleuth_kit - the_sleuth_kith
CVE-2007-2799 (GCVE-0-2007-2799)
Vulnerability from cvelistv5
Published
2007-05-23 21:00
Modified
2024-08-07 13:49
Severity ?
CWE
  • n/a
Summary
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
References
http://www.debian.org/security/2007/dsa-1343 vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/29179 third-party-advisory, x_refsource_SECUNIA
http://www.trustix.org/errata/2007/0024/ vendor-advisory, x_refsource_TRUSTIX
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022 x_refsource_CONFIRM
http://secunia.com/advisories/26415 third-party-advisory, x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/0924/references vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1018140 vdb-entry, x_refsource_SECTRACK
http://www.novell.com/linux/security/advisories/2007_40_file.html vendor-advisory, x_refsource_SUSE
https://issues.rpath.com/browse/RPL-1311 x_refsource_CONFIRM
http://secunia.com/advisories/25931 third-party-advisory, x_refsource_SECUNIA
http://www.amavis.org/security/asa-2007-3.txt x_refsource_CONFIRM
http://secunia.com/advisories/25544 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29420 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:114 vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2007-0391.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/25578 third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html vendor-advisory, x_refsource_APPLE
http://www.securityfocus.com/archive/1/469520/30/6420/threaded mailing-list, x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/34731 vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/2071 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/25394 third-party-advisory, x_refsource_SECUNIA
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc vendor-advisory, x_refsource_NETBSD
http://docs.info.apple.com/article.html?artnum=307562 x_refsource_CONFIRM
http://secunia.com/advisories/26294 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26203 third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml vendor-advisory, x_refsource_GENTOO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012 vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/bid/24146 vdb-entry, x_refsource_BID
http://osvdb.org/38498 vdb-entry, x_refsource_OSVDB
http://www.ubuntu.com/usn/usn-439-2 vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.399Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1343",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1343"
          },
          {
            "name": "29179",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29179"
          },
          {
            "name": "2007-0024",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0024/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022"
          },
          {
            "name": "26415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26415"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm"
          },
          {
            "name": "ADV-2008-0924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "name": "1018140",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018140"
          },
          {
            "name": "SUSE-SA:2007:040",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1311"
          },
          {
            "name": "25931",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.amavis.org/security/asa-2007-3.txt"
          },
          {
            "name": "25544",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25544"
          },
          {
            "name": "29420",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "name": "MDKSA-2007:114",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114"
          },
          {
            "name": "RHSA-2007:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html"
          },
          {
            "name": "25578",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25578"
          },
          {
            "name": "APPLE-SA-2008-03-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
          },
          {
            "name": "20070524 FLEA-2007-0022-1: file",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded"
          },
          {
            "name": "file-assert-code-execution(34731)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731"
          },
          {
            "name": "ADV-2007-2071",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2071"
          },
          {
            "name": "25394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25394"
          },
          {
            "name": "NetBSD-SA2008-001",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "name": "26294",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26294"
          },
          {
            "name": "26203",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26203"
          },
          {
            "name": "GLSA-200705-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11012",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012"
          },
          {
            "name": "24146",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24146"
          },
          {
            "name": "38498",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/38498"
          },
          {
            "name": "USN-439-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-439-2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the \"file\" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement.  NOTE: this issue is due to an incorrect patch for CVE-2007-1536."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
        "shortName": "freebsd"
      },
      "references": [
        {
          "name": "DSA-1343",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1343"
        },
        {
          "name": "29179",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29179"
        },
        {
          "name": "2007-0024",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0024/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022"
        },
        {
          "name": "26415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26415"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm"
        },
        {
          "name": "ADV-2008-0924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0924/references"
        },
        {
          "name": "1018140",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018140"
        },
        {
          "name": "SUSE-SA:2007:040",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1311"
        },
        {
          "name": "25931",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.amavis.org/security/asa-2007-3.txt"
        },
        {
          "name": "25544",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25544"
        },
        {
          "name": "29420",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29420"
        },
        {
          "name": "MDKSA-2007:114",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114"
        },
        {
          "name": "RHSA-2007:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html"
        },
        {
          "name": "25578",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25578"
        },
        {
          "name": "APPLE-SA-2008-03-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
        },
        {
          "name": "20070524 FLEA-2007-0022-1: file",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded"
        },
        {
          "name": "file-assert-code-execution(34731)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731"
        },
        {
          "name": "ADV-2007-2071",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2071"
        },
        {
          "name": "25394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25394"
        },
        {
          "name": "NetBSD-SA2008-001",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307562"
        },
        {
          "name": "26294",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26294"
        },
        {
          "name": "26203",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26203"
        },
        {
          "name": "GLSA-200705-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:11012",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012"
        },
        {
          "name": "24146",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24146"
        },
        {
          "name": "38498",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/38498"
        },
        {
          "name": "USN-439-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-439-2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secteam@freebsd.org",
          "ID": "CVE-2007-2799",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the \"file\" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement.  NOTE: this issue is due to an incorrect patch for CVE-2007-1536."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1343",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1343"
            },
            {
              "name": "29179",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29179"
            },
            {
              "name": "2007-0024",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0024/"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022"
            },
            {
              "name": "26415",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26415"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm"
            },
            {
              "name": "ADV-2008-0924",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0924/references"
            },
            {
              "name": "1018140",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018140"
            },
            {
              "name": "SUSE-SA:2007:040",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1311",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1311"
            },
            {
              "name": "25931",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25931"
            },
            {
              "name": "http://www.amavis.org/security/asa-2007-3.txt",
              "refsource": "CONFIRM",
              "url": "http://www.amavis.org/security/asa-2007-3.txt"
            },
            {
              "name": "25544",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25544"
            },
            {
              "name": "29420",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29420"
            },
            {
              "name": "MDKSA-2007:114",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114"
            },
            {
              "name": "RHSA-2007:0391",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html"
            },
            {
              "name": "25578",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25578"
            },
            {
              "name": "APPLE-SA-2008-03-18",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
            },
            {
              "name": "20070524 FLEA-2007-0022-1: file",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded"
            },
            {
              "name": "file-assert-code-execution(34731)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731"
            },
            {
              "name": "ADV-2007-2071",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2071"
            },
            {
              "name": "25394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25394"
            },
            {
              "name": "NetBSD-SA2008-001",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307562",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307562"
            },
            {
              "name": "26294",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26294"
            },
            {
              "name": "26203",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26203"
            },
            {
              "name": "GLSA-200705-25",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:11012",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012"
            },
            {
              "name": "24146",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24146"
            },
            {
              "name": "38498",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/38498"
            },
            {
              "name": "USN-439-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-439-2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
    "assignerShortName": "freebsd",
    "cveId": "CVE-2007-2799",
    "datePublished": "2007-05-23T21:00:00",
    "dateReserved": "2007-05-22T00:00:00",
    "dateUpdated": "2024-08-07T13:49:57.399Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2007-05-23 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.
References
secteam@freebsd.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
secteam@freebsd.orghttp://docs.info.apple.com/article.html?artnum=307562
secteam@freebsd.orghttp://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
secteam@freebsd.orghttp://osvdb.org/38498
secteam@freebsd.orghttp://secunia.com/advisories/25394Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/25544Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/25578Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/25931Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/26203Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/26294Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/26415Vendor Advisory
secteam@freebsd.orghttp://secunia.com/advisories/29179
secteam@freebsd.orghttp://secunia.com/advisories/29420Vendor Advisory
secteam@freebsd.orghttp://support.avaya.com/elmodocs2/security/ASA-2007-290.htm
secteam@freebsd.orghttp://www.amavis.org/security/asa-2007-3.txt
secteam@freebsd.orghttp://www.debian.org/security/2007/dsa-1343
secteam@freebsd.orghttp://www.gentoo.org/security/en/glsa/glsa-200705-25.xml
secteam@freebsd.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2007:114
secteam@freebsd.orghttp://www.novell.com/linux/security/advisories/2007_40_file.html
secteam@freebsd.orghttp://www.redhat.com/support/errata/RHSA-2007-0391.html
secteam@freebsd.orghttp://www.securityfocus.com/archive/1/469520/30/6420/threaded
secteam@freebsd.orghttp://www.securityfocus.com/bid/24146
secteam@freebsd.orghttp://www.securitytracker.com/id?1018140
secteam@freebsd.orghttp://www.trustix.org/errata/2007/0024/
secteam@freebsd.orghttp://www.ubuntu.com/usn/usn-439-2
secteam@freebsd.orghttp://www.vupen.com/english/advisories/2007/2071Vendor Advisory
secteam@freebsd.orghttp://www.vupen.com/english/advisories/2008/0924/referencesVendor Advisory
secteam@freebsd.orghttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022Vendor Advisory
secteam@freebsd.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34731
secteam@freebsd.orghttps://issues.rpath.com/browse/RPL-1311
secteam@freebsd.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=307562
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/38498
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25394Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25544Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25578Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25931Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26203Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26294Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26415Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29179
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29420Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm
af854a3a-2127-422b-91ae-364da2661108http://www.amavis.org/security/asa-2007-3.txt
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1343
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:114
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_40_file.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0391.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/469520/30/6420/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24146
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018140
af854a3a-2127-422b-91ae-364da2661108http://www.trustix.org/errata/2007/0024/
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-439-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2071Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0924/referencesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34731
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1311
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012
Impacted products
Vendor Product Version
file file 4.2
sleuth_kit the_sleuth_kith *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:file:file:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0318EE80-4042-4347-A7AC-818E5419396E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sleuth_kit:the_sleuth_kith:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B185CBC3-A4BA-49EC-8115-DDD6F62B4E18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the \"file\" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement.  NOTE: this issue is due to an incorrect patch for CVE-2007-1536."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de enteros en el programa \"file\" versi\u00f3n 4.20, cuando se ejecuta en sistemas de 32 bits, tal y como es usado en productos que incluyen The Sleuth Kit, podr\u00eda permitir que los atacantes asistidos por el usuario ejecuten c\u00f3digo arbitrario por medio de un archivo largo que activa un desbordamiento que omite una sentencia assert(). NOTA: este problema se debe a un parche incorrecto para CVE-2007-1536."
    }
  ],
  "id": "CVE-2007-2799",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-05-23T21:30:00.000",
  "references": [
    {
      "source": "secteam@freebsd.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://osvdb.org/38498"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25394"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25544"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25578"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25931"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26203"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26294"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26415"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://secunia.com/advisories/29179"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.amavis.org/security/asa-2007-3.txt"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.debian.org/security/2007/dsa-1343"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.securityfocus.com/bid/24146"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.securitytracker.com/id?1018140"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.trustix.org/errata/2007/0024/"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "http://www.ubuntu.com/usn/usn-439-2"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2071"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "secteam@freebsd.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "https://issues.rpath.com/browse/RPL-1311"
    },
    {
      "source": "secteam@freebsd.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/38498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25544"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.amavis.org/security/asa-2007-3.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_40_file.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0391.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/469520/30/6420/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2007/0024/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-439-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012"
    }
  ],
  "sourceIdentifier": "secteam@freebsd.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}