ID CVE-2007-4195
Summary Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain ext2fs files via a malformed ext2fs image.
References
Vulnerable Configurations
  • cpe:2.3:a:the_sleuth_kit:the_sleuth_kit:*:*:*:*:*:*:*:*
    cpe:2.3:a:the_sleuth_kit:the_sleuth_kit:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 15-10-2018 - 21:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 25181
bugtraq
  • 20070726 Re: Guidance Software response to iSEC report on EnCase
  • 20070802 RE: Re: Guidance Software response to iSEC report on EnCase
misc http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf
mlist [sleuthkit-announce] 20070614 TSK 2.09 Released and new Wiki
osvdb 47000
Last major update 15-10-2018 - 21:33
Published 08-08-2007 - 01:17
Last modified 15-10-2018 - 21:33
Back to Top