Lucene search
K
WinimageWinimage

5 matches found

CVE
CVE
added 2007/09/18 10:0 p.m.57 views

CVE-2007-4963

The CVE concerns WinImage 8.10 and earlier, which has a visual truncation vulnerability in filenames inside .IMG or .ISO files. A long sequence of space characters in a destination filename can be used to spoof the target name, and this can be combined with a separate directory traversal vulnerab...

9.3CVSS6.7AI score0.01989EPSS
CVE
CVE
added 2007/05/18 10:0 p.m.52 views

CVE-2007-2758

WinImage 8.0.8000 contains multiple buffer overflows that can be triggered by a FAT image with long directory names in deeply nested structures. The vulnerabilities can lead to user‑assisted remote code execution via (1) a stack‑based overflow during extraction or (2) a heap‑based overflow during...

9.3CVSS8AI score0.05724EPSS
CVE
CVE
added 2007/09/18 10:0 p.m.47 views

CVE-2007-4964

CVE-2007-4964 affects WinImage 8.10 and earlier. A malformed BPB_BytsPerSec field in the header of a .IMG file can allow remote attackers to cause a denial of service via an infinite loop. The available connected documents confirm the affected product and the underlying cause, but do not provide ...

5CVSS6.6AI score0.0281EPSS
CVE
CVE
added 2012/09/07 10:0 a.m.42 views

CVE-2010-5253

CVE-2010-5253 affects WinImage 8.50. A local untrusted search path vulnerability arises from a Trojan horse wnaspi32.dll placed in the current working directory, demonstrated via a directory containing an .imz file. The description notes third-party sources for some details. No exploitation statu...

6.9CVSS6.7AI score0.00517EPSS
CVE
CVE
added 2007/09/18 10:0 p.m.35 views

CVE-2007-4962

The CVE-2007-4962 entry affects WinImage up to version 8.10. A directory traversal flaw lets an attacker place or overwrite files by crafting a filename containing .. within a .IMG or .ISO image, potentially enabling code execution by writing to a Startup folder. The NVD entry and related records...

9.3CVSS7.3AI score0.05989EPSS