Launchpad.net

CVE 2007-1536

Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.

See the CVE page on Mitre.org for more details.

References