Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3194

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-3194
Last Modified 10 Sep 2008 03:45:49
Published 14 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-3194

Summary

Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.

Vulnerable Systems

Application

  • Estsoft Alzip 5.52 English

  • Estsoft Alzip 6.1 International

  • Estsoft Alzip 6.12 Korean


References

XF - alzip-filename-bo(22526)

MISC - http://secunia.com/secunia_research/2005-49/advisory/

SECUNIA - 16847

BID - 15010

OSVDB - 19890

OSVDB - 19889

SECTRACK - 1015003


Last Updated: 27 May 2016 10:40:50