CVE-2007-2799

Description

Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.

How to fix CVE-2007-2799

To remediate CVE-2007-2799, upgrade the affected package to a fixed version below.

• Debian/file—upgrade to 4.21-1 or later
• Debian/file—upgrade to 4.12-1sarge2 or later
• —upgrade to 4.17-5etch3 or later

Is CVE-2007-2799 being exploited?

Low — EPSS is 3.5%, meaning exploitation activity has not been observed at scale.

Affected packages (3)

• from 0, < 4.21-1
• from 0, < 4.12-1sarge2
• from 0, < 4.17-5etch3

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2007-2799