CVE-2021-21832

Опубликовано: 17 авг. 2021

Источник: nvd

CVSS3: 8.1

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1295
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1295
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:disc-soft:daemon_tools:8.3.0.0767:*:*:*:pro:*:*:*

EPSS

Процентиль: 68%

0.00559

Низкий

8.1 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-680

CWE-190

Связанные уязвимости

GHSA-jx4q-93vj-qqgp

CVSS3: 9.8

github

больше 3 лет назад

A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon Tools Pro AFFECTED_VERSIONS. A specially crafted VECTOR can lead to IMPACT. An attacker can EXPLOIT_ACTION to trigger this vulnerability.

EPSS

Процентиль: 68%

0.00559

Низкий

8.1 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-680

CWE-190