CVE-2019-1010065

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfsdent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfscat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image.

References

Affected packages

Git / github.com/sleuthkit/sleuthkit

Affected ranges

Type: GIT
Repo: https://github.com/sleuthkit/sleuthkit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

114cd3d0aac8bd1aeaf4b33840feb0163d342d5b

Affected versions

Other

VisualStudio_2010

sleuthkit-4.*

sleuthkit-4.0.0

sleuthkit-4.0.0b1

sleuthkit-4.0.1

sleuthkit-4.0.2

sleuthkit-4.1.0

sleuthkit-4.1.1

sleuthkit-4.1.2

sleuthkit-4.1.3

sleuthkit-4.2.0

sleuthkit-4.3.1

sleuthkit-4.4.0

sleuthkit-4.4.1

sleuthkit-4.4.2

sleuthkit-4.5.0

sleuthkit-4.6.0

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/sleuthkit/sleuthkit/commit/114cd3d0aac8bd1aeaf4b33840feb0163d342d5b",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "85888735486623144762122607416535706051",
                "137554940077545665038056608158524872072",
                "90266475234331619233455404926702135152",
                "224160293188132932450465692781400908484",
                "85888735486623144762122607416535706051",
                "137554940077545665038056608158524872072",
                "90266475234331619233455404926702135152",
                "224160293188132932450465692781400908484"
            ]
        },
        "target": {
            "file": "tsk/fs/hfs.c"
        },
        "id": "CVE-2019-1010065-ecd5022a"
    }
]