Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4546


Vulnerability Score 5.8 5.8
CVE Id CVE-2007-4546
Last Modified 15 Nov 2008 01:57:28
Published 27 Aug 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP archive, but extracts to local filenames corresponding to names in Local File Header fields in this archive, which might allow remote attackers to trick a user into performing a dangerous file overwrite or creation.

Vulnerable Systems


  • X-diesel Unreal Commander 0.92 Build565

  • X-diesel Unreal Commander 0.92 Build573


BID - 25419

BUGTRAQ - 20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities

OSVDB - 45831

SREASON - 3060

Last Updated: 27 May 2016 10:45:54