CVE-2007-2452

Loading...

General

Score:6.0/10.0
Severity:Medium
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:Single

Published on 04/06/07 - Updated on 29/07/17

Description

Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2007-2452
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2010-AVI-317

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
gnufindutils

Share this vulnerability with:

Twitter Facebook LinkedIn Mail