Stack-based Buffer Overflow in GNU Compact Disc Input and Control Library
CVE-2007-6613

Currently unrated

Key Information:

Vendor: Gnu
Status
Vendor
CVE Published: 3 January 2008

Summary

A stack-based buffer overflow exists in the print_iso9660_recurse function of the GNU Compact Disc Input and Control Library (libcdio) version 0.79 and earlier. Context-specific attackers can trigger it by delivering a specially crafted disk or disk image containing excessively long Joliet file names, causing a denial of service through a core dump. The flaw may also allow execution of arbitrary code on affected systems.

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
