CVE-2008-3871

Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.
Configurations

Configuration 1

cpe:2.3:a:ezbsystems:ultraiso:9.3.1.2633:*:*:*:*:*:*:*

Information

Published : 2009-04-01 06:00

Updated : 2018-10-11 08:50


NVD link : CVE-2008-3871

Mitre link : CVE-2008-3871

Products Affected
No products.
CWE
CWE-134

Use of Externally-Controlled Format String