Vendor
File\
Products
2
CVEs
5
Across products
25
Status
Private
Products
2- 24 CVEs
- 1 CVE
Recent CVEs
5| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-6512 | Med | 0.38 | 5.9 | 0.01 | Jun 1, 2017 | Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. | |
| CVE-2007-1536 | 0.06 | — | 0.42 | Mar 20, 2007 | Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. | ||
| CVE-2004-1304 | 0.03 | — | 0.06 | Jan 10, 2005 | Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | ||
| CVE-2003-0102 | 0.03 | — | 0.06 | Mar 18, 2003 | Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | ||
| CVE-2007-2799 | 0.00 | — | 0.03 | May 23, 2007 | Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536. |