CVE-2015-8836

Published: 30 March 2016

Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.

Priority

Medium

CVSS 3 base score: 7.3

Status

Package: fuseiso (Launchpad, Ubuntu, Debian)

Release                           Status
Upstream                          Released (20070708-3.2)
Ubuntu 16.04 ESM (Xenial Xerus)   Not vulnerable (20070708-3.2)
Ubuntu 14.04 ESM (Trusty Tahr)    Does not exist (trusty was released [20070708-3+deb7u1ubuntu14.04.1])