Heap-Based Buffer Overflow in GNU Findutils Locate by Free Software Foundation
CVE-2007-2452
Currently unrated
Summary
A heap-based buffer overflow exists in the visit_old_format function in locate/locate.c of GNU Findutils prior to version 4.2.31. It allows attackers to execute arbitrary code via a long pathname in an old-format locate database, and it illustrates the security risk that comes with improper handling of memory allocation.