PowerISO 6.8 Use-After-Free Vulnerability in .ISO Parsing Functionality

PowerISO 6.8 Use-After-Free Vulnerability in .ISO Parsing Functionality

CVE-2017-2823 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.