87 matches found
CVE-2017-13756
In The Sleuth Kit TSK 4.4.2, opening a crafted disk image triggers infinite recursion in dosloadexttable in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls...
CVE-2017-13756
In The Sleuth Kit TSK 4.4.2, opening a crafted disk image triggers infinite recursion in dosloadexttable in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls...
CVE-2017-13755
In The Sleuth Kit TSK 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660procdir in tsk/fs/iso9660dent.c in libtskfs.a, as demonstrated by fls...
Code injection
In The Sleuth Kit TSK 4.4.2, opening a crafted disk image triggers infinite recursion in dosloadexttable in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls...
CVE-2017-13755
In The Sleuth Kit TSK 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660procdir in tsk/fs/iso9660dent.c in libtskfs.a, as demonstrated by fls...
CVE-2017-13756
In The Sleuth Kit TSK 4.4.2, opening a crafted disk image triggers infinite recursion in dosloadexttable in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls...
CVE-2017-13755
In The Sleuth Kit TSK 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660procdir in tsk/fs/iso9660dent.c in libtskfs.a, as demonstrated by fls...
CVE-2017-13756
The Sleuth Kit (TSK) 4.4.2 contains CVE-2017-13756, where opening a crafted disk image triggers infinite recursion in dos_load_ext_table() (tsk/vs/dos.c) inside libtskvs.a, potentially causing a crash. Public notices across distributions report fixes: Debian’s sleuthkit package update (e.g., 4.4....
CVE-2012-5619
The Sleuth Kit TSK 4.0.1 does not properly handle "." dotfile file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame...
CVE-2012-5619
The Sleuth Kit TSK 4.0.1 does not properly handle "." dotfile file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame...
CVE-2012-5619
Summary (CVE-2012-5619) The Sleuth Kit (TSK) 4.0.1 fails to properly handle "." (dotfile) entries on FAT and other non-reserved-name filesystems, enabling local attackers to obscure forensic activity (e.g., Flame’s demonstration). Connected documents corroborate this dotfile handling issue and it...
CVE-2007-4197
icat in Brian Carrier The Sleuth Kit TSK before 2.09 omits NULL pointer checks in certain code paths, which allows user-assisted remote attackers to cause a denial of service NULL dereference and application crash and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4196
icat in Brian Carrier The Sleuth Kit TSK before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service long loop and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4197
icat in Brian Carrier The Sleuth Kit TSK before 2.09 omits NULL pointer checks in certain code paths, which allows user-assisted remote attackers to cause a denial of service NULL dereference and application crash and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4199
Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image that triggers 1 dereference of a certain integer value by ntfsdent.c in fls, or 2 dereference ...
Design/Logic Flaw
Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain ext2fs files via a malformed ext2fs image...
Memory corruption
icat in Brian Carrier The Sleuth Kit TSK before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service long loop and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4199
Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image that triggers 1 dereference of a certain integer value by ntfsdent.c in fls, or 2 dereference ...
CVE-2007-4199
Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image that triggers 1 dereference of a certain integer value by ntfsdent.c in fls, or 2 dereference ...
CVE-2007-4199
Brian Carrier The Sleuth Kit TSK before 2.09 allows user-assisted remote attackers to cause a denial of service application crash and prevent examination of certain NTFS files via a malformed NTFS image that triggers 1 dereference of a certain integer value by ntfsdent.c in fls, or 2 dereference ...