Ezbsystems Ultraiso vulnerabilities
6 known vulnerabilities affecting ezbsystems/ultraiso.
Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-1260P2CRITICALCVSS 9.3PoC≤ 9.3.3v3.1+52 more2009-04-07
CVE-2009-1260 [CRITICAL] CWE-119 CVE-2009-1260: Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to c
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
nvd
CVE-2008-3871P3CRITICALCVSS 9.3v9.3.1.26332009-04-01
CVE-2008-3871 [CRITICAL] CWE-134 CVE-2008-3871: Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.
Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.
nvd
CVE-2008-4825P3CRITICALCVSS 9.3v9.3.1.26332009-04-01
CVE-2008-4825 [CRITICAL] CWE-119 CVE-2008-4825: Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, all
Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via a crafted (1) CIF, (2) C2D, or (3) GI file.
nvd
CVE-2017-2840P3HIGHCVSS 7.8v9.6.6.33002018-04-24
CVE-2017-2840 [HIGH] CWE-120 CVE-2017-2840: A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.
A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.
nvd
CVE-2018-25267P4MEDIUMCVSS 5.5v9.7.1.35192026-04-22
CVE-2018-25267 [MEDIUM] CWE-787 CVE-2018-25267: UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of t
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to tr
nvd
CVE-2010-5255P4MEDIUMCVSS 6.9v9.3.6.27502012-09-07
CVE-2010-5255 [MEDIUM] CVE-2010-5255: Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows local users to gain privileges via
Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows local users to gain privileges via a Trojan horse daemon.dll file in the current working directory, as demonstrated by a directory that contains a .iso file. NOTE: some of these details are obtained from third party information.
nvd