An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
Max CVSS
9.8
EPSS Score
0.81%
Published
2018-02-26
Updated
2018-10-31
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
Max CVSS
6.5
EPSS Score
0.17%
Published
2018-02-24
Updated
2018-10-31
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
Max CVSS
8.8
EPSS Score
0.44%
Published
2018-02-24
Updated
2018-10-31
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.
Max CVSS
5.0
EPSS Score
1.64%
Published
2008-01-03
Updated
2017-08-08
4 vulnerabilities found