PT-2007-4072 · None · Winimage
Tan Chew Keong · Published 2007-05-18 · Updated 2017-07-29
CVE-2007-2758
| CVSS v2.0 | Severity | Vector |
| --- | --- | --- |
| 9.3 | High | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
WinImage version 8.0.8000
Description
WinImage is affected by multiple buffer overflows that can be triggered by a FAT image with long directory names in a deeply nested directory structure. This can lead to the execution of arbitrary code via user-assisted remote attacks: the victim has to open a crafted image. The overflows occur during extraction and traversal, as a stack-based buffer overflow and a heap-based buffer overflow.
Recommendations
For WinImage version 8.0.8000, consider avoiding the use of FAT images with deeply nested directory structures and long directory names until a fix is available. As a temporary workaround, restrict the extraction and traversal of such images to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Winimage