Launchpad CVE tracker

CVE 2007-5037

Buffer overflow in the inotifytools_snprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename.

Related bugs and status

CVE-2007-5037 (Candidate) is related to these bugs:

Bug #131832: libinotify: missing header files

Summary				In	Importance	Status
	131832	libinotify: missing header files		inotify-tools (Ubuntu)	Undecided	Fix Released

Bug #147861: [UVFe] Update to inotify-tools 3.11

Summary				In	Importance	Status
	147861	[UVFe] Update to inotify-tools 3.11		inotify-tools (Ubuntu)	Undecided	Fix Released

Bug #180301: [inotify-tools] [CVE-2007-5037] buffer overflow, possible execution of arbitrary code, local vulnerability

Summary				In	Importance	Status
	180301	[inotify-tools] [CVE-2007-5037] buffer overflow, possible execution of arbitrary code, local vulnerability		inotify-tools (Ubuntu)	Undecided	Invalid
	180301	[inotify-tools] [CVE-2007-5037] buffer overflow, possible execution of arbitrary code, local vulnerability		inotify-tools (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-5037

References