Lucene search

TalosCVELIST:CVE-2021-21832

HistoryAug 17, 2021 - 7:01 p.m.

CVE-2021-21832

2021-08-1719:01:48

CWE-680

talos

www.cve.org

vulnerability

memory corruption

out-of-bounds write

iso parsing

disc soft

deamon tools pro

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.005

Percentile

76.3%

JSON

A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

CNA Affected

[
  {
    "product": "Disc",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Disc Soft Ltd Deamon Tools Pro 8.3.0.0767"
      }
    ]
  }
]

References

talosintelligence.com/vulnerability_reports/TALOS-2021-1295

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.005

Percentile

76.3%

JSON

Related for CVELIST:CVE-2021-21832