1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: UltraISO Cue File

Attack: UltraISO Cue File

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a remote stack-based buffer-overflow vulnerability in the UltraISO Cue.

Additional Information

UltraISO is a CD/DVD image-handing application for Microsoft Windows.

UltraISO is prone to a remote stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Specifically, this issue occurs when the application handles CUE files with excessively long strings. An attacker can exploit this issue by enticing an unsuspecting victim to use the application to open a maliciously crafted CUE file. Note that for the application to attempt to process the malicious CUE file, a BIN file with the same base filename must also be present.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected

  • EZB Systems UltraISO 8.6.2.2011

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube