magiciso 5.0 build 0166 - Directory Traversal

EDB-ID:

27759


Author:

Sowhat

Type:

remote


Platform:

Windows

Date:

2006-04-28


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/17725/info

Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. 

A successful attack can allow the attacker to place potentially malicious files and to overwrite files on a computer in the context of the user running the affected application. A successful exploit may aid in further attacks.

This issue affects MagicISO version 5.0 Build 0166; other versions may also be affected.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/27759.iso.bin