NVD

Id
3733  
Name
CVE-2008-3871  
Description
Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2009-04-01  
Modified Date
2009-04-16  
Seq
2008-3871  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
23644 3733 CVE-2008-3871 http://www.ezbsystems.com/ultraiso/history.htm  View
23645 3733 CVE-2008-3871 20090401 Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities  View
23646 3733 CVE-2008-3871 34325  View
23647 3733 CVE-2008-3871 1021965  View
23648 3733 CVE-2008-3871 ADV-2009-0903  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41718 JVNDB-2009-002725 UltraISO におけるフォーマットストリングの脆弱性 UltraISO には、フォーマットストリングの脆弱性が存在します。 CVE-2008-3871 33984 CVE-2008-3871 3733 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002725.html 2009-04-01 2012-06-26 View