CVE-2007-2888

EPSS 54.7%

Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.

Affected products

n/a · n/a

public PoCs found — 4

cve_referencewww.exploit-db.com/exploits/3978unverified exploitdbwww.exploit-db.com/exploits/16627unverified exploitdbwww.exploit-db.com/exploits/4001unverified exploitdbwww.exploit-db.com/exploits/4002unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/36570 http://secunia.com/advisories/25384 https://exchange.xforce.ibmcloud.com/vulnerabilities/34485 https://www.exploit-db.com/exploits/3978 http://www.securityfocus.com/bid/24140