Computer Security

CVE-2008-3871
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-3871
StatusCandidate
DescriptionMultiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.
PhaseAssigned (29.08.2008)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3871
ReferencesBID : 34325
 BUGTRAQ : 20090401 Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities
 MISC : http://secunia.com/secunia_research/2008-48/
 MISC : http://www.ezbsystems.com/ultraiso/history.htm
 SECTRACK : 1021965
 SECUNIA : 32415
 VUPEN : ADV-2009-0903
SecurityVulns:UiltraISO multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server