Vulnerabilities > CVE-2007-2888 - Unspecified vulnerability in EZB Systems Ultraiso

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ezb-systems

exploit available

metasploit

NVD

Published: 2007-05-30

Updated: 2024-11-21

Summary

Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Ezb_Systems EZB Systems Ultraiso *	1

Exploit-Db

description	UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit. CVE-2007-2888. Local exploit for windows platform
id	EDB-ID:4001
last seen	2016-01-31
modified	2007-05-28
published	2007-05-28
reporter	n00b
source	https://www.exploit-db.com/download/4001/
title	UltraISO <= 8.6.2.2011 Cue/Bin Files Local Buffer Overflow Exploit

description	UltraISO CUE File Parsing Buffer Overflow. CVE-2007-2888. Local exploit for windows platform
id	EDB-ID:16627
last seen	2016-02-02
modified	2010-04-30
published	2010-04-30
reporter	metasploit
source	https://www.exploit-db.com/download/16627/
title	UltraISO CUE File Parsing Buffer Overflow

description	UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC. CVE-2007-2888. Dos exploit for windows platform
file	exploits/windows/dos/3978.pl
id	EDB-ID:3978
last seen	2016-01-31
modified	2007-05-24
platform	windows
port
published	2007-05-24
reporter	n00b
source	https://www.exploit-db.com/download/3978/
title	UltraISO <= 8.6.2.2011 Cue/Bin Files Local Buffer Overflow PoC
type	dos

Metasploit

description	This module exploits a stack-based buffer overflow in EZB Systems, Inc's UltraISO. When processing .CUE files, data is read from file into a fixed-size stack buffer. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an CUE file. NOTE: A file with the same base name, but the extension of "bin" must also exist. Opening either file will trigger the vulnerability, but the files must both exist.
id	MSF:EXPLOIT/WINDOWS/FILEFORMAT/ULTRAISO_CUE
last seen	2020-06-14
modified	2017-07-24
published	2010-03-29
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2888
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/ultraiso_cue.rb
title	UltraISO CUE File Parsing Buffer Overflow

Packetstorm

data source	https://packetstormsecurity.com/files/download/87754/ultraiso_cue.rb.txt
id	PACKETSTORM:87754
last seen	2016-12-05
published	2010-03-30
reporter	jduck
source	https://packetstormsecurity.com/files/87754/UltraISO-CUE-File-Parsing-Buffer-Overflow.html
title	UltraISO CUE File Parsing Buffer Overflow

Summary

Vulnerable Configurations

Exploit-Db

Metasploit

Packetstorm

References