CVE-2007-6563

Опубликовано: 28 дек. 2007

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive.

Ссылки

http://jvn.jp/jp/JVN%2344736880/index.html
http://jvndb.jvn.jp/contents/ja/2007/JVNDB-2007-000822.html
http://osvdb.org/40267
http://secunia.com/advisories/28215
Patch
Vendor Advisory
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071225
http://www.securityfocus.com/bid/27017
Patch
http://www.vupen.com/english/advisories/2007/4312
https://exchange.xforce.ibmcloud.com/vulnerabilities/39268
http://jvn.jp/jp/JVN%2344736880/index.html
http://jvndb.jvn.jp/contents/ja/2007/JVNDB-2007-000822.html
http://osvdb.org/40267
http://secunia.com/advisories/28215
Patch
Vendor Advisory
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071225
http://www.securityfocus.com/bid/27017
Patch
http://www.vupen.com/english/advisories/2007/4312
https://exchange.xforce.ibmcloud.com/vulnerabilities/39268

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:winace:winace:*:*:*:*:*:*:*:*

Версия до 2.65 (включая)

EPSS

Процентиль: 96%

0.23722

Средний

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-pm46-7v73-h379

github

почти 4 года назад