PT-2007-1582 · Conexware · Paiso.Dll+1

Tan Chew Keong · Published 2007-01-05 · Updated 2018-10-16 · CVE-2007-0097

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

PowerArchiver 2006 version 9.64.02
PAISO.DLL version 1.7.3.0 (1.7.3 beta)

Description

Multiple stack-based buffer overflows exist in the LoadTree and ReadHeader functions. User-assisted attackers can exploit them to execute arbitrary code via a crafted ISO file containing a file within several nested directories.

Recommendations

For PowerArchiver 2006 version 9.64.02, consider avoiding the use of PAISO.DLL version 1.7.3.0 (1.7.3 beta) until a patch is available. As a temporary workaround, restrict the handling of crafted ISO files to minimize the risk of exploitation. Avoid using the LoadTree and ReadHeader functions in PAISO.DLL until the issue is resolved.


Related identifiers

CVE-2007-0097

Affected products

Paiso.Dll
Powerarchiver