Oval Definition:oval:com.redhat.rhsa:def:20070124
Revision Date:2007-03-23Version:635
Title:RHSA-2007:0124: file security update (Moderate)
Description:The file command is used to identify a particular file according to the type of data contained by the file.

  • An integer underflow flaw was found in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-1536)

    This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3.

    Users should upgrade to this erratum package, which contain a backported patch to correct this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-1536
    RHSA-2007:0124
    RHSA-2007:0124-01
    RHSA-2007:0124-01
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND file is earlier than 0:4.10-3.EL4.5
  • AND file is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND file is earlier than 0:4.17-9.el5
  • AND file is signed with Red Hat redhatrelease2 key
    • BACK