Integer Overflow in FuseISO Allows Remote Denial of Service and Heap-Based Buffer Overflow

Integer Overflow in FuseISO Allows Remote Denial of Service and Heap-Based Buffer Overflow

CVE-2015-8836 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.