In association with heise online

02 April 2009, 09:53

Security update for image tool UltraISO

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Three vulnerabilities have been fixed in the 9.3.3.2685 release of UltraISO that could have allowed an attacker to compromise a users system. UltraISO from EZB Systems is a tool to create, edit and convert CD and DVD ISO image files.

According to the security service provider Secunia, vulnerabilities in the parsing of CIF, C2D and GI files can be exploited in previous versions of UltraISO to cause a buffer overflow that could allow for the execution of malicious code. In order for an attack to be successful, the attacker must first convince the user to open one of the specially crafted files on their system.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-740905
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit