Note:
This project will be discontinued after December 13, 2021. [more]
2016-03-30
Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.
Products | Debian_linux, Fedora, Fuseiso |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.debian.org/security/2016/dsa-3551
• http://www.openwall.com/lists/oss-security/2015/02/23/9 • http://www.openwall.com/lists/oss-security/2015/02/06/7 • https://bugzilla.redhat.com/show_bug.cgi?id=862211 • https://bugzilla.redhat.com/show_bug.cgi?id=863091 |