Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0391

The remote host is missing updates announced in
advisory RHSA-2007:0391.

The file command is used to identify a particular file according to the
type of data contained by the file.

The fix for CVE-2007-1536 introduced a new integer underflow flaw in the
file utility. An attacker could create a carefully crafted file which, if
examined by a victim using the file utility, could lead to arbitrary code
execution. (CVE-2007-2799)

This issue did not affect the version of the file utility distributed with
Red Hat Enterprise Linux 2.1 or 3.

Users should upgrade to this erratum package, which contain a backported
patch to correct this issue.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-2799
BugTraq ID: 24146
Bugtraq: 20070524 FLEA-2007-0022-1: file (Google Search)
Debian Security Information: DSA-1343 (Google Search)
NETBSD Security Advisory: NetBSD-SA2008-001
SuSE Security Announcement: SUSE-SA:2007:040 (Google Search)
XForce ISS Database: file-assert-code-execution(34731)
Common Vulnerability Exposure (CVE) ID: CVE-2007-1536
BugTraq ID: 23021
Bugtraq: 20070825 OpenBSD 4.1 - Heap overflow vulnerabillity (Google Search)
Bugtraq: 20070828 Re: OpenBSD 4.1 - Heap overflow vulnerabillity (Google Search)
CERT/CC vulnerability note: VU#606700
Debian Security Information: DSA-1274 (Google Search)
FreeBSD Security Advisory: FreeBSD-SA-07:04
OpenBSD Security Advisory: [4.0] 20070709 015: SECURITY FIX: July 9, 2007
SuSE Security Announcement: SUSE-SR:2007:005 (Google Search)
XForce ISS Database: openbsd-file-bo(36283)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.