CVE-2018-11738
https://notcve.org/view.php?id=CVE-2018-11738
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. Se ha descubierto un problema en libtskfs.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función ntfs_make_data_run en tsk/fs/ntfs.c que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS). • https://github.com/sleuthkit/sleuthkit/issues/1265 • CWE-125: Out-of-bounds Read •
CVE-2017-13760
https://notcve.org/view.php?id=CVE-2017-13760
In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a. En The Sleuth Kit (TSK) 4.4.2, fls depende de una imagen exfat corrupta en tsk_img_read() en tsk/img/img_io.c en libtskimg.a. • https://github.com/sleuthkit/sleuthkit/issues/906 https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-13756
https://notcve.org/view.php?id=CVE-2017-13756
In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. En The Sleuth Kit (TSK) 4.4.2, abrir una imagen de disco manipulada desencadena una recursión infinita en dos_load_ext_table() en tsk/vs/dos.c en libtskfs.a, tal y como demuestra mmls. • https://github.com/sleuthkit/sleuthkit/issues/914 https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2017-13755
https://notcve.org/view.php?id=CVE-2017-13755
In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. En The Sleuth Kit (TSK) 4.4.2, abrir una imagen ISO 9660 manipulada desencadena una lectura fuera de límites en iso9660_proc_dir() en tsk/fs/iso9660_dent.c en libtskfs.a, tal y como demuestra fls. • https://github.com/sleuthkit/sleuthkit/issues/913 https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html • CWE-125: Out-of-bounds Read •
CVE-2012-5619
https://notcve.org/view.php?id=CVE-2012-5619
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame. Sleuth Kit (TSK) 4.0.1 no maneja debidamente las entradas del sistema de ficheros '.' (fichero punto) en los sistemas de ficheros FAT y otros sistemas de ficheros para los cuales . no es un nombre reservado, lo que permite a usuarios locales esconder las actividades it más difíciles de realizar actividades fornénsicas, como fue demostrado por Flame. • http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:125 http://www.openwall.com/lists/oss-security/2012/12/01/2 http://www.openwall.com/lists/oss-security/2012/12/04/2 https://bugzilla.redhat.com/show_bug.cgi?id=883330 • CWE-20: Improper Input Validation •