CVE-2007-4198

Name of the Vulnerable Software and Affected Versions The Sleuth Kit (TSK) versions prior to 2.09

Description The issue allows user-assisted remote attackers to cause a denial of service, resulting in an application crash, and prevent the examination of certain NTFS files. This is achieved by providing a malformed NTFS image that triggers a buffer over-read in the fs data put str function in ntfs.c in fls.

Recommendations For versions prior to 2.09, update to version 2.09 or later to resolve the issue. As a temporary workaround, consider validating the length value of NTFS images before processing them to minimize the risk of exploitation. Restrict access to malformed NTFS images to prevent the application crash.