Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2007-2452

Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.

  • Published: Jun 4, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-2452
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6
  • AV:N/AC:M/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
gnu / findutils 4.2.28 4.2.28.x
gnu / findutils 4.2.29 4.2.29.x
gnu / findutils 4.2.30 4.2.30.x
gnu / findutils 4.1 4.1.x
gnu / findutils 4.0 4.0.x