[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-1010Date: (C)2005-03-01   (M)2023-12-22


Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-11603
SECUNIA-13094
http://marc.info/?l=bugtraq&m=109958840611053&w=2
DSA-624
FLSA:2255
GLSA-200411-16
MDKSA-2004:141
P-072
RHSA-2004:634
TLSA-2005-18
USN-18-1
http://www.hexview.com/docs/20041103-1.txt
http://www.info-zip.org/FAQ.html
infozip-compressed-folder-bo(17956)
oval:org.mitre.oval:def:9848

OVAL    2
oval:org.secpod.oval:def:1000034
oval:org.secpod.oval:def:1000123

© SecPod Technologies