header-logo
Suggest Exploit
vendor:
UltraISO
by:
SecurityFocus
7.5
CVSS
HIGH
Directory-Traversal Attack
22
CWE
Product Name: UltraISO
Affected Version From: 8.0.0. 1392
Affected Version To: 8.0.0. 1392
Patch Exists: YES
Related CWE: N/A
CPE: a:ezbsystems:ultraiso:8.0.0.1392
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Reportedly in 2006

Directory-Traversal Attack on UltraISO

An attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. A successful attack can allow the attacker to place potentially malicious files and to overwrite files on a computer in the context of the user running the affected application. A successful exploit may aid in further attacks.

Mitigation:

Ensure that the application is not processing malicious archives.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/17724/info

Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. 

A successful attack can allow the attacker to place potentially malicious files and to overwrite files on a computer in the context of the user running the affected application. A successful exploit may aid in further attacks.

This issue affects UltraISO version 8.0.0. 1392; other versions may also be affected.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27746.iso.bin

Navigation

Suggest Exploit

Services By CQR