FAT12 Filesystem Corruption Vulnerability

FAT12 Filesystem Corruption Vulnerability

CVE-2015-8872 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."

Learn more about our Web Application Penetration Testing UK.