What is CVE-2007-2888?

CVE-2007-2888 is a vulnerability in N/a. Published 2007-05-30.

Is CVE-2007-2888 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-2888

Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obta…

EPSS: 0.815 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

24140 (vdb-entry, x_refsource_BID)
ultraiso-cuefile-bo(34485) (vdb-entry, x_refsource_XF)
36570 (x_refsource_OSVDB, vdb-entry)
25384 (x_refsource_SECUNIA, third-party-advisory)
3978 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2007-2888?: CVE-2007-2888 is a vulnerability in N/a. Published 2007-05-30.
Is CVE-2007-2888 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.