Launchpad.net

CVE 2007-6613

Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.

Related bugs and status

CVE-2007-6613 (Candidate) is related to these bugs:

Bug #191216: [libcdio] [CVE-2007-6613] stack-based buffer overflow

		In	Importance	Status
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu)	Low	Fix Released
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu Dapper)	Low	Fix Released
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu Edgy)	Low	Fix Released
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu Hardy)	Low	Fix Released
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu Feisty)	Low	Fix Released
191216	[libcdio] [CVE-2007-6613] stack-based buffer overflow	libcdio (Ubuntu Gutsy)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [libcdio-devel] 200712...
CONFIRM: http://bugs.gentoo.org...
CONFIRM: https://bugzilla.redha...
BID: 27131
SECUNIA: 28308
GENTOO: GLSA-200801-08
SECUNIA: 28569
MANDRIVA: MDVSA-2008:037
SECUNIA: 28796
UBUNTU: USN-580-1
SECUNIA: 28970
SUSE: SUSE-SR:2008:005
SECUNIA: 29242
VUPEN: ADV-2008-0030
XF: libcdio-printiso9660re...