|
|
CVE Reference: CVE-2006-4554 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4554 |
|
|
Description: Stack-based buffer overflow in the ReadFile function in the ZOO-processing exports in the BeCubed Compression Plus before 5.0.1.28, as used in products including (1) Tumbleweed EMF, (2) VCOM/Ontrack PowerDesk Pro, (3) Canyon Drag and Zip, (4) Canyon Power File, and (5) Canyon Power File Gold, allow context-dependent attackers to execute arbitrary code via an inconsistent size parameter in a ZOO file header. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28693 SREASON http://securityreason.com/securityalert/1498 SAID Secunia Advisory: SA21714 Secunia Advisory: SA21718 Secunia Advisory: SA21720 Secunia Advisory: SA21750 Secunia Advisory: SA21751 MISC http://www.mnin.org/advisories/2006_cp5_tweed.pdf CONFIRM http://www.becubed.com/downloads/compfix.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/444881/100/0/threaded BID 19796 |
|
| Return to the previous page. |
