5 matches found
CVE-2007-4963
The CVE concerns WinImage 8.10 and earlier, which has a visual truncation vulnerability in filenames inside .IMG or .ISO files. A long sequence of space characters in a destination filename can be used to spoof the target name, and this can be combined with a separate directory traversal vulnerab...
CVE-2007-2758
WinImage 8.0.8000 contains multiple buffer overflows that can be triggered by a FAT image with long directory names in deeply nested structures. The vulnerabilities can lead to user‑assisted remote code execution via (1) a stack‑based overflow during extraction or (2) a heap‑based overflow during...
CVE-2007-4964
CVE-2007-4964 affects WinImage 8.10 and earlier. A malformed BPB_BytsPerSec field in the header of a .IMG file can allow remote attackers to cause a denial of service via an infinite loop. The available connected documents confirm the affected product and the underlying cause, but do not provide ...
CVE-2010-5253
CVE-2010-5253 affects WinImage 8.50. A local untrusted search path vulnerability arises from a Trojan horse wnaspi32.dll placed in the current working directory, demonstrated via a directory containing an .imz file. The description notes third-party sources for some details. No exploitation statu...
CVE-2007-4962
The CVE-2007-4962 entry affects WinImage up to version 8.10. A directory traversal flaw lets an attacker place or overwrite files by crafting a filename containing .. within a .IMG or .ISO image, potentially enabling code execution by writing to a Startup folder. The NVD entry and related records...