header-logo
Suggest Exploit
vendor:
file command
by:
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: file command
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Buffer Overflow Vulnerability in file Command

The file command is affected by a buffer overflow vulnerability. This issue is due to a failure of the application to properly validate string lengths in the affected file prior to copying them into static process buffers. An attacker may leverage this issue to execute arbitrary code with the privileges of a user that processes the malicious file with the affected utility. This may be leveraged to escalate privileges or to gain unauthorized access.

Mitigation:

Update to the latest version of the file command. Avoid processing files from untrusted sources.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11771/info

The file command is affected by a buffer overflow vulnerability. This issue is due to a failure of the application to properly validate string lengths in the affected file prior to copying them into static process buffers.

An attacker may leverage this issue to execute arbitrary code with the privileges of a user that processes the malicious file with the affected utility. This may be leveraged to escalate privileges or to gain unauthorized access.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/24784.zip

Navigation

Suggest Exploit

Services By CQR