Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 5.0
CVE Id CVE-2007-6613
Last Modified 07 Mar 2011 10:03:18
Published 03 Jan 2008 05:46:00
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6613

Summary

Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long Joliet file name.

Vulnerable Systems

Application

  • Gnu Libcdio 0.79


References

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=203777

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=427197

XF - libcdio-printiso9660recurse-bo(39405)

VUPEN - ADV-2008-0030

MLIST - [libcdio-devel] 20071231 buffer overrun in cd-info and iso-info and a release?

UBUNTU - USN-580-1

BID - 27131

MANDRIVA - MDVSA-2008:037

GENTOO - GLSA-200801-08

SECUNIA - 29242

SECUNIA - 28970

SECUNIA - 28796

SECUNIA - 28569

SECUNIA - 28308

SUSE - SUSE-SR:2008:005

Related Patches

Novell SUSE 2008:5060 libcdio security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:46:32