Ezb Systems Ultraiso vulnerabilities
3 known vulnerabilities affecting ezb_systems/ultraiso.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2007-2888P3HIGHCVSS 7.6PoC≤ 8.6.2.20112007-05-30
CVE-2007-2888 [HIGH] CVE-2007-2888: Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers
Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.
nvd
CVE-2006-2099P4MEDIUMCVSS 5.0PoCv8.0.0.13922006-04-29
CVE-2006-2099 [MEDIUM] CVE-2006-2099: Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote attackers to write arbitrary
Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image.
nvd
CVE-2017-2840P3HIGHCVSS 7.8v9.6.6.33002018-04-24
CVE-2017-2840 [HIGH] CWE-120 CVE-2017-2840: A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.
A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.
nvd