DEBIAN-CVE-2007-2799

Advisory lineage Upstream: 1 Downstream: 2

Upstream

CVE-2007-2799

Downstream

DSA-1343-1 DSA-1343-2

Published: 23 May 2007, 21:30

Last modified:28 Apr 2026, 20:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 May 2007, 21:30

Published

Vulnerability first disclosed

28 Apr 2026, 20:09

Last Modified

Vulnerability information updated

Description

Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536.

Affected Systems

debian•file
< 4.21-1 | < 4.21-1 | < 4.21-1 | < 4.21-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2007-2799