2 matches found
CVE-2007-4198
The fsdataputstr function in ntfs.c in fls in Brian Carrier The Sleuth Kit TSK before 2.09 does not validate a certain length value, which allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image,...
CVE-2007-4198
The Sleuth Kit (TSK) tool fls uses fs_data_put_str in ntfs.c and, for versions before 2.09, does not validate a particular length value. This can cause a denial of service (application crash) and prevent examination of certain NTFS files when processing a malformed NTFS image, due to a buffer ove...