Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1010

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1010
Last Modified 09 Jan 2015 09:59:18
Published 01 Mar 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1010

Summary

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.

Vulnerable Systems

Application

  • Info-zip Zip 2.3


References

BID - 11603

FEDORA - FLSA:2255

MISC - http://www.hexview.com/docs/20041103-1.txt

DEBIAN - DSA-624

FULLDISC - 20041103 [HV-MED] Zip/Linux long path buffer overflow

XF - infozip-compressed-folder-bo(17956)

UBUNTU - USN-18-1

TURBO - TLSA-2005-18

REDHAT - RHSA-2004:634

MANDRAKE - MDKSA-2004:141

CIAC - P-072

GENTOO - GLSA-200411-16

CONFIRM - http://www.info-zip.org/FAQ.html

SECUNIA - 13094


Last Updated: 27 May 2016 10:38:13