{"vuid":"VU#606700","idnumber":"606700","name":"file integer overflow vulnerability","keywords":["file","integer underflow","heap-based buffer overflow","file_printf function","INFO#111001","apple_2007-005","INT32-C"],"overview":"The file program contains a vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition.","clean_desc":"file is a program for Unix-like operating systems that is used to determine what type of data is contained in a file. file contains a buffer overflow vulnerability that is caused by an integer overflow in the file_printf function. To trigger the overflow, an attacker would need to convince a user to run a vulnerable version of file on a specially crafted file.","impact":"An attacker may be able to execute arbitrary code with the permissions of the user running the vulnerable version of file or cause the program to crash, creating a denial-of-service condition","resolution":"Upgrade\nVersion 4.20 of file was released to address this issue. Note that operating systems may ship with different versions of the file program. See the systems affected portion of this document for information about specific vendors.","workarounds":"Do not run file as root Running the file program with a limited user account may partially mitigate the impact of successful exploitation of vulnerability.","sysaffected":"","thanks":"Thanks to \nJean-Sébastien Guay-Leroux and Christos Zoulas for information that was used in this report.","author":"This document was written by Ryan Giobbi.","public":["http://mx.gw.com/pipermail/file/2007/000161.html","ftp://ftp.astron.com/pub/file/file-4.20.tar.gz","https://www.securecoding.cert.org/confluence/x/RgE","http://secunia.com/advisories/24548/","http://www.ubuntu.com/usn/usn-439-1","http://secunia.com/advisories/24592/","http://www.mandriva.com/security/advisories?name=MDKSA-2007:067","http://rhn.redhat.com/errata/RHSA-2007-0124.html","https://issues.rpath.com/browse/RPL-1148","http://www.securityfocus.com/bid/2302","http://secunia.com/advisories/25133/","http://secunia.com/advisories/25393/","http://docs.info.apple.com/article.html?artnum=305530"],"cveids":["CVE-2007-1536"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-03-19T18:12:02Z","publicdate":"2007-03-19T00:00:00Z","datefirstpublished":"2007-03-26T19:31:06Z","dateupdated":"2007-10-16T12:29:10Z","revision":44,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"5","cam_impact":"8","cam_easeofexploitation":"12","cam_attackeraccessrequired":"10","cam_scorecurrent":"1.62","cam_scorecurrentwidelyknown":"2.07","cam_scorecurrentwidelyknownexploited":"3.87","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.62,"vulnote":null}