Heap-Based Buffer Overflow in GNU Findutils Locate by Free Software Foundation
CVE-2007-2452

Currently unrated

Key Information:

Vendor: Gnu
Status
Vendor
CVE Published: 4 June 2007

Summary

A heap-based buffer overflow exists in the visit_old_format function in locate/locate.c of GNU Findutils prior to version 4.2.31. It allows attackers to execute arbitrary code by supplying long pathnames in an old-format locate database, a consequence of improper handling of memory allocation.

Timeline

  • Vulnerability published

  • Vulnerability Reserved