PowerArchiver paiso.dll ISO Image Handling Buffer Overflow
High Nessus Plugin ID 23976
SynopsisThe remote Windows host contains a utility that is affected by a buffer overflow vulnerability.
DescriptionThe remote host contains PowerArchiver, a file compression utility for Windows.
The version of PowerArchiver installed on the remote host has a buffer overflow in the 'paiso.dll' library file that can be triggered when processing the full pathname of a file within an ISO image. If an attacker can trick a user on the affected host into opening a specially crafted ISO image file, he can leverage this issue to execute arbitrary code on the host subject to the user's privileges.
SolutionUpgrade to PowerArchiver 9.64.03 or later.