|
|
CVE Reference: CVE-2005-4667 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-4667 |
|
|
Description: Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-248-1 http://www.ubuntulinux.org/support/documentation/usn/usn-248-2 TRUSTIX http://www.trustix.org/errata/2006/0006 SAID Secunia Advisory: SA25098 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0203.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11252 OSVDB 22400 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:050 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html FEDORA http://www.securityfocus.com/archive/1/archive/1/430300/100/0/threaded DEBIAN http://www.debian.org/security/2006/dsa-1012 BID 15968 |
|
| Return to the previous page. |
