Описание
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:estsoft:alzip:5.52_english:*:*:*:*:*:*:*
cpe:2.3:a:estsoft:alzip:6.1_international:*:*:*:*:*:*:*
cpe:2.3:a:estsoft:alzip:6.12_korean:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04821
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.
EPSS
Процентиль: 89%
0.04821
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other