Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1094

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1094
Last Modified 07 Mar 2011 09:16:37
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1094

Summary

Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.

Vulnerable Systems

Application

  • Checkmark Multiledger 6.0.3

  • Checkmark Multiledger 6.0.5

  • Checkmark Multiledger 7.0.0

  • Checkmark Multiledger 7.0.1

  • Checkmark Payroll 3.7.5

  • Checkmark Payroll 3.9.1

  • Checkmark Payroll 3.9.2

  • Checkmark Payroll 3.9.3

  • Checkmark Payroll 3.9.4

  • Checkmark Payroll 3.9.5

  • Checkmark Payroll 3.9.6

  • Innermedia Dynazip Library 5.00.00

  • Innermedia Dynazip Library 5.00.01

  • Innermedia Dynazip Library 5.00.02

  • Innermedia Dynazip Library 5.00.03

  • Realnetworks Realone Player 1.0

  • Realnetworks Realone Player 2.0

  • Realnetworks Realplayer 10.0

  • Realnetworks Realplayer 10.0 6.0.12.690

  • Realnetworks Realplayer 10.0 Beta

  • Realnetworks Realplayer 10.5

  • Realnetworks Realplayer 10.5 6.0.12.1016 Beta

  • Realnetworks Realplayer 10.5 6.0.12.1040

  • Realnetworks Realplayer 10.5 6.0.12.1053


References

CERT-VN - VU#582498

BUGTRAQ - 20041027 High Risk Vulnerability in RealPlayer

XF - payroll-dunzip32-bo(22737)

XF - realplayer-dunzip32-bo(17879)

VUPEN - ADV-2006-1176

VUPEN - ADV-2005-2057

BID - 11555

BUGTRAQ - 20060906 IBM Lotus Notes DUNZIP32.dll Buffer Overflow Vulnerability

BUGTRAQ - 20060330 McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability

BUGTRAQ - 20051223 dtSearch DUNZIP32.dll Buffer Overflow Vulnerability

MISC - http://www.securiteam.com/windowsntfocus/6Z00W00EAM.html

OSVDB - 19906

MISC - http://www.networksecurity.fi/advisories/payroll.html

MISC - http://www.networksecurity.fi/advisories/multiledger.html

MISC - http://www.networksecurity.fi/advisories/mcafee-virusscan.html

MISC - http://www.networksecurity.fi/advisories/lotus-notes.html

MISC - http://www.networksecurity.fi/advisories/dtsearch.html

CONFIRM - http://service.real.com/help/faq/security/041026_player/EN/

SECTRACK - 1016817

SECTRACK - 1012297

SECTRACK - 1011944

SECUNIA - 19451

SECUNIA - 18194

SECUNIA - 17394

SECUNIA - 17096

BUGTRAQ - 20041027 EEYE: RealPlayer Zipped Skin File Buffer Overflow

SREASON - 653

SREASON - 296


Last Updated: 27 May 2016 10:38:54