Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4547


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4547
Last Modified 15 Nov 2008 01:57:28
Published 27 Aug 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users.

Vulnerable Systems


  • X-diesel Unreal Commander 0.92 Build565

  • X-diesel Unreal Commander 0.92 Build573


BID - 25419

BUGTRAQ - 20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities

OSVDB - 45832

SREASON - 3060

Last Updated: 27 May 2016 10:45:54