CVE-2017-2823

Summary

A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Power SoftwarePowerIso6.8 (6, 8, 0, 0)affected

Weaknesses

  • remote code execution

ADP Enrichment

CVE Program Container

Additional References

References