Out-of-Bounds Read Vulnerability in The Sleuth Kit by Sleuth Kit
CVE-2017-13755

5.5MEDIUM

Key Information:

Vendor: Sleuthkit
Status: The Sleuth Kit
Vendor: CVE Published:; 29 August 2017

What is CVE-2017-13755?

In version 4.4.2 of The Sleuth Kit, there exists an out-of-bounds read vulnerability that can be exploited by opening specially crafted ISO 9660 images. This flaw is triggered during the execution of the iso9660_proc_dir() function in the iso9660_dent.c file of the libtskfs.a library, which may lead to unintended data exposure or application instability.

References

https://github.com/sleuthkit/sleuthkit/issues/913

x_refsource_MISC

https://lists.debian.org/debian-lts-announce/2022/06/msg0...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2017
Vulnerability Reserved
Aug 29, 2017

CVE-2017-13755 Data

JSON

Sleuthkit

What is CVE-2017-13755?

References

CVSS V3.1

Timeline