CVE-2007-4962

WinImage 8.10 and earlier - Path Traversal and Arbitrary File Write via Filename in .IMG or .ISO File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4962. PoCs published by j00ru//vx.

AI-analyzed exploit summary The exploit describes a directory traversal and denial-of-service vulnerability in WinImage due to insufficient input sanitization. Attackers can leverage these issues to write files to arbitrary directories or cause a denial of service.

Description

Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Exploits (1)

exploitdb WRITEUP VERIFIED

by j00ru//vx · textremotewindows

https://www.exploit-db.com/exploits/30589

View Code ZIP pw:eip

The exploit describes a directory traversal and denial-of-service vulnerability in WinImage due to insufficient input sanitization. Attackers can leverage these issues to write files to arbitrary directories or cause a denial of service.

Classification

Writeup 90%

Attack Type

Dos | Other

Complexity

Trivial

Reliability

Theoretical

Target: WinImage 8.0 and 8.10

No auth needed

Prerequisites: Access to craft or manipulate input files processed by WinImage

MITRE ATT&CK