cbcvebase.
CVE-2007-6613
published 2008-01-03

CVE-2007-6613: Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and…

PriorityP432medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
12.72%
95.8th percentile
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianlibcdio< libcdio 0.78.2+dfsg1-2 (bookworm)libcdio 0.78.2+dfsg1-2 (bookworm)
gnulibcdio<= 0.79
gnulibcdio>= 0 < 0.78.2+dfsg1-20.78.2+dfsg1-2
gnulibcdio>= 0 < 0.78.2+dfsg1-20.78.2+dfsg1-2
gnulibcdio>= 0 < 0.78.2+dfsg1-20.78.2+dfsg1-2
gnulibcdio>= 0 < 0.78.2+dfsg1-20.78.2+dfsg1-2

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.