Ultraiso

ultraiso

Vendor: Ezbsystems • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-25267 1Ezbsystems 1Ultraiso Apr 29, 2026 Apr 22, 2026 6.9 MEDIUM· v4 5.5 MEDIUM· v3 N/A· v2 UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicio...Show more UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.Show less
CVE-2017-2840 1Ezbsystems 1Ultraiso Nov 21, 2024 Apr 24, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can p...Show more A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability.Show less
CVE-2010-5255 1Ezbsystems 1Ultraiso Apr 29, 2026 Sep 7, 2012 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows local users to gain privileges via a Trojan horse daemon.dll file in the current working directory, as demonstrated by a directory that contains a .iso fi...Show more Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows local users to gain privileges via a Trojan horse daemon.dll file in the current working directory, as demonstrated by a directory that contains a .iso file. NOTE: some of these details are obtained from third party information.Show less
CVE-2009-1260 1Ezbsystems 1Ultraiso Apr 23, 2026 Apr 7, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
CVE-2008-4825 1Ezbsystems 1Ultraiso Apr 23, 2026 Apr 1, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via a crafted (1) CIF, (2) C2D, or (3) GI file.
CVE-2008-3871 1Ezbsystems 1Ultraiso Apr 23, 2026 Apr 1, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1)...Show more Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.Show less