CVE-2007-2799 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-2799 Interim 1 17 2025-11-05T06:21:01Z current 2021-05-30T12:39:00Z 2025-11-05T06:21:01Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-2799 Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JHIMRIIHNZGHYSPTNO3I4FI2OHRH3JA5/#JHIMRIIHNZGHYSPTNO3I4FI2OHRH3JA5 E-Mail link for SUSE-SA:2007:040 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Tumbleweed file-32bit-4.24-43.17 file-32bit-4.24-43.19.1 file-32bit-4.24-43.23.1 file-32bit-4.24-43.27.1 file-4.24-43.17 file-4.24-43.19.1 file-4.24-43.23.1 file-4.24-43.27.1 file-5.40-1.14 file-5.44-4.151 file-5.44-slfo.1.1_1.4 file-5.46-160000.2.2 file-devel-32bit-5.40-1.14 file-devel-4.24-43.27.1 file-devel-5.40-1.14 file-devel-5.46-160000.2.2 file-magic-5.40-1.14 file-magic-5.44-4.151 file-magic-5.44-slfo.1.1_1.4 file-magic-5.46-160000.2.2 file-x86-4.24-43.17 file-x86-4.24-43.19.1 file-x86-4.24-43.23.1 file-x86-4.24-43.27.1 libmagic1-32bit-5.40-1.14 libmagic1-5.40-1.14 libmagic1-5.44-4.151 libmagic1-5.44-slfo.1.1_1.4 libmagic1-5.46-160000.2.2 file-4.24-43.17 as a component of SUSE Linux Enterprise Server 11 SP1 file-32bit-4.24-43.17 as a component of SUSE Linux Enterprise Server 11 SP1 file-x86-4.24-43.17 as a component of SUSE Linux Enterprise Server 11 SP1 file-4.24-43.19.1 as a component of SUSE Linux Enterprise Server 11 SP2 file-32bit-4.24-43.19.1 as a component of SUSE Linux Enterprise Server 11 SP2 file-x86-4.24-43.19.1 as a component of SUSE Linux Enterprise Server 11 SP2 file-4.24-43.23.1 as a component of SUSE Linux Enterprise Server 11 SP3 file-32bit-4.24-43.23.1 as a component of SUSE Linux Enterprise Server 11 SP3 file-x86-4.24-43.23.1 as a component of SUSE Linux Enterprise Server 11 SP3 file-4.24-43.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 file-32bit-4.24-43.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 file-x86-4.24-43.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 file-5.46-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 file-devel-5.46-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 file-magic-5.46-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libmagic1-5.46-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 file-devel-4.24-43.27.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 file-5.44-4.151 as a component of SUSE Linux Micro 6.0 file-magic-5.44-4.151 as a component of SUSE Linux Micro 6.0 libmagic1-5.44-4.151 as a component of SUSE Linux Micro 6.0 file-5.44-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 file-magic-5.44-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 libmagic1-5.44-slfo.1.1_1.4 as a component of SUSE Linux Micro 6.1 file-5.40-1.14 as a component of openSUSE Tumbleweed file-devel-5.40-1.14 as a component of openSUSE Tumbleweed file-devel-32bit-5.40-1.14 as a component of openSUSE Tumbleweed file-magic-5.40-1.14 as a component of openSUSE Tumbleweed libmagic1-5.40-1.14 as a component of openSUSE Tumbleweed libmagic1-32bit-5.40-1.14 as a component of openSUSE Tumbleweed Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert() statement. NOTE: this issue is due to an incorrect patch for CVE-2007-1536. CVE-2007-2799 SUSE Linux Enterprise Server 11 SP1:file-4.24-43.17 SUSE Linux Enterprise Server 11 SP1:file-32bit-4.24-43.17 SUSE Linux Enterprise Server 11 SP1:file-x86-4.24-43.17 SUSE Linux Enterprise Server 11 SP2:file-4.24-43.19.1 SUSE Linux Enterprise Server 11 SP2:file-32bit-4.24-43.19.1 SUSE Linux Enterprise Server 11 SP2:file-x86-4.24-43.19.1 SUSE Linux Enterprise Server 11 SP3:file-4.24-43.23.1 SUSE Linux Enterprise Server 11 SP3:file-32bit-4.24-43.23.1 SUSE Linux Enterprise Server 11 SP3:file-x86-4.24-43.23.1 SUSE Linux Enterprise Server 11 SP4:file-4.24-43.27.1 SUSE Linux Enterprise Server 11 SP4:file-32bit-4.24-43.27.1 SUSE Linux Enterprise Server 11 SP4:file-x86-4.24-43.27.1 SUSE Linux Enterprise Server 16.0:file-5.46-160000.2.2 SUSE Linux Enterprise Server 16.0:file-devel-5.46-160000.2.2 SUSE Linux Enterprise Server 16.0:file-magic-5.46-160000.2.2 SUSE Linux Enterprise Server 16.0:libmagic1-5.46-160000.2.2 SUSE Linux Enterprise Software Development Kit 11 SP4:file-devel-4.24-43.27.1 SUSE Linux Micro 6.0:file-5.44-4.151 SUSE Linux Micro 6.0:file-magic-5.44-4.151 SUSE Linux Micro 6.0:libmagic1-5.44-4.151 SUSE Linux Micro 6.1:file-5.44-slfo.1.1_1.4 SUSE Linux Micro 6.1:file-magic-5.44-slfo.1.1_1.4 SUSE Linux Micro 6.1:libmagic1-5.44-slfo.1.1_1.4 openSUSE Tumbleweed:file-5.40-1.14 openSUSE Tumbleweed:file-devel-5.40-1.14 openSUSE Tumbleweed:file-devel-32bit-5.40-1.14 openSUSE Tumbleweed:file-magic-5.40-1.14 openSUSE Tumbleweed:libmagic1-5.40-1.14 openSUSE Tumbleweed:libmagic1-32bit-5.40-1.14 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P