CVE-2007-1536

Description

Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.

How to fix CVE-2007-1536

To remediate CVE-2007-1536, upgrade the affected package to a fixed version below.

• Debian/file—upgrade to 4.20-1 or later
• Debian/file—upgrade to 4.12-1sarge1 or later

Is CVE-2007-1536 being exploited?

Moderate — EPSS is 41.9%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (2)

• from 0, < 4.20-1
• from 0, < 4.12-1sarge1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2007-1536