In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HSleuthkit The Sleuth Kit
APPSleuthkit≤ 4.8.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2020-10232CRITICAL9.8ten sam produkt
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YA...
CVE-2019-14532CRITICAL9.8ten sam produkt
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on...
CVE-2019-14531CRITICAL9.8ten sam produkt
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing...
CVE-2026-40024HIGH8.4ten sam produkt
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker t...
CVE-2022-45639HIGH7.8ten sam produkt
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands...