CVE-2022-41992

Name of the Vulnerable Software and Affected Versions PowerISO version 8.3

Description A memory corruption issue exists in the VHD File Format parsing CXSPARSE record functionality. This can be triggered by a specially-crafted file, leading to an out-of-bounds write. A victim needs to open a malicious file to activate this issue. The problem arises because the 'number of blocks' value from the CXSPARSE record is not properly checked, allowing an attacker to control the loop counter and leading to arbitrary memory writing.

Recommendations For PowerISO version 8.3, ensure you are using the version with the latest bug fixes, as the developer has fixed the issue in a subsequent update, although no specific version number for the fix was assigned.