10

CVE-2004-0333

Exploit
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UudeviewUudeview Version0.5.18
UudeviewUudeview Version0.5.19
WinzipWinzip Version7.0
WinzipWinzip Version8.0
WinzipWinzip Version8.1
WinzipWinzip Version8.1 Updatesr1
GentooLinux Version1.4
GentooLinux Version1.4 Updaterc1
GentooLinux Version1.4 Updaterc2
GentooLinux Version1.4 Updaterc3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 24.23% 0.976
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/10995
http://secunia.com/advisories/11019
http://www.ciac.org/ciac/bulletins/o-092.shtml
http://www.idefense.com/application/poi/display?id=76&type=vulnerabiliti&flashstatus=true
http://www.kb.cert.org/vuls/id/116182
Third Party Advisory
US Government Resource
http://www.openpkg.org/security/OpenPKG-SA-2004.006-uudeview.html
http://www.osvdb.org/4119
http://www.securityfocus.com/bid/9758
Patch
Vendor Advisory
Exploit
http://www.winzip.com/fmwz90.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/15336
https://exchange.xforce.ibmcloud.com/vulnerabilities/15490