Stack-based Buffer Overflow in GNU Compact Disc Input and Control Library
CVE-2007-6613

Currently unrated

Key Information:

Vendor: GNU
CVE Published: 3 January 2008

What is CVE-2007-6613?

A stack-based buffer overflow exists in the print_iso9660_recurse function of the GNU Compact Disc Input and Control Library (libcdio) version 0.79 and earlier. Context-specific attackers can trigger the flaw by supplying a specially crafted disk or disk image containing excessively long Joliet file names, which can cause a denial of service through a core dump. The overflow may also allow execution of arbitrary code on affected systems.

EPSS Score

23% chance of being exploited in the next 30 days.
