CVE-2007-5497

Publication date 7 December 2007

Last updated 24 July 2024

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
e2fsprogs	7.10 gutsy	Fixed 1.40.2-1ubuntu1.1
	7.04 feisty	Fixed 1.39+1.40-WIP-2006.11.14+dfsg-2ubuntu1.1
	6.10 edgy	Fixed 1.39-1ubuntu0.1
	6.06 LTS dapper	Fixed 1.38-2ubuntu2.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-555-1
e2fsprogs vulnerability
8 December 2007

Other references

https://www.cve.org/CVERecord?id=CVE-2007-5497