Debian Sleuthkit vulnerabilities

CVE-2007-4197 [MEDIUM] CVE-2007-4197: sleuthkit - icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL pointer checks... icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL pointer checks in certain code paths, which allows user-assisted remote attackers to cause a denial of service (NULL dereference and application crash) and prevent examination of certain NTFS files via a malformed NTFS image. Scope: local bookworm: resolved (fixed in 2.09-1) bullseye: resolved (fixe

CVE-2007-4200 [MEDIUM] CVE-2007-4200: sleuthkit - ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 interprets a ... ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 interprets a certain variable as a byte count rather than a count of 32-bit integers, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image. Scope: local bookworm: resolved (fixed in 2.09

CVE-2007-4198 [MEDIUM] CVE-2007-4198: sleuthkit - The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (T... The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (TSK) before 2.09 does not validate a certain length value, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image, which triggers a buffer over-read. Scope: local bookworm: res