CVE-2007-6613

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-6613
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://bugs.gentoo.org/show_bug.cgi?id=203777 Exploit Patch
http://lists.gnu.org/archive/html/libcdio-devel/2007-12/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/28308
http://secunia.com/advisories/28569
http://secunia.com/advisories/28796
http://secunia.com/advisories/28970
http://secunia.com/advisories/29242
http://security.gentoo.org/glsa/glsa-200801-08.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:037
http://www.securityfocus.com/bid/27131
http://www.ubuntu.com/usn/usn-580-1
http://www.vupen.com/english/advisories/2008/0030
https://bugzilla.redhat.com/show_bug.cgi?id=427197 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/39405
http://bugs.gentoo.org/show_bug.cgi?id=203777 Exploit Patch
http://lists.gnu.org/archive/html/libcdio-devel/2007-12/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/28308
http://secunia.com/advisories/28569
http://secunia.com/advisories/28796
http://secunia.com/advisories/28970
http://secunia.com/advisories/29242
http://security.gentoo.org/glsa/glsa-200801-08.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:037
http://www.securityfocus.com/bid/27131
http://www.ubuntu.com/usn/usn-580-1
http://www.vupen.com/english/advisories/2008/0030
https://bugzilla.redhat.com/show_bug.cgi?id=427197 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/39405
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:libcdio:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2008-01-03 22:46

Updated : 2025-04-09 00:30

NVD link : CVE-2007-6613

Mitre link : CVE-2007-6613

CVE.ORG link : CVE-2007-6613

JSON object : View

Products Affected

gnu

  • libcdio
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer