Описание
Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:speedproject:speedcommander:10.52_build4450:*:*:*:*:*:*:*
cpe:2.3:a:speedproject:speedcommander:11.01_build4450:*:*:*:*:*:*:*
cpe:2.3:a:speedproject:squeez:5.10_build_4460:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04977
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.
EPSS
Процентиль: 89%
0.04977
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-119