source: http://www.securityfocus.com/bid/17724/info

Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. 

A successful attack can allow the attacker to place potentially malicious files and to overwrite files on a computer in the context of the user running the affected application. A successful exploit may aid in further attacks.

This issue affects UltraISO version 8.0.0. 1392; other versions may also be affected.

http://www.exploit-db.com/sploits/27758.iso.bin