CVEs-PoC/2017/CVE-2017-2823.md

### [CVE-2017-2823](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2823)
![](https://img.shields.io/static/v1?label=Product&message=PowerIso&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.8%20(6%2C%208%2C%200%2C%200)%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=remote%20code%20execution&color=brightgreen)

### Description

A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability.

### POC

#### Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0324

#### Github
No PoCs found on GitHub currently.