Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5171

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-5171
Last Modified 28 Dec 2012 12:00:00
Published 08 Nov 2012 06:46:24
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5171

Summary

Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows remote attackers to create or overwrite arbitrary files via a crafted archive file.

Vulnerable Systems

Application

  • Be-graph Bezip 3.00

  • Be-graph Bezip 3.02

  • Be-graph Bezip 3.03

  • Be-graph Bezip 3.04


References

CONFIRM - http://www.be-graph.com/bgi/product/bezip/secure1.html#en

JVNDB - JVNDB-2012-000101

JVN - JVN#18223913

CONFIRM - http://jvn.jp/en/jp/JVN18223913/995378/index.html

XF - bezip-unspecified-directory-traversal(79916)

BID - 56488


Last Updated: 27 May 2016 10:47:22