Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability [CVE-2021-21832]

September 13, 2021 Duncan 3039 Views 0 Comments CVE-2021-21832, Cyber Security, Daemon Tools Pro, Disc Soft Ltd, Memory Corruption Vulnerability 0 min read

CVE number = CVE-2021-21832

A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

DAEMON Tools Pro is a powerful and professional emulation software to work with disc images and virtual drives. It allows mounting of ISO images on Windows systems.

When parsing a specifically crafted ISO file it is possible to cause a memory corruption. This is due to an integer overflow during a malloc operation.

Tested Versions

Disc Soft Ltd Daemon Tools Pro 8.3.0.0767

Please check the supplier website for any available updates – https://www.daemon-tools.cc/

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability [CVE-2021-21832]

Tested Versions

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply

Tested Versions

Share this:

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply