Lucene search

[email protected]CVE-2006-4359

HistoryAug 27, 2006 - 2:04 a.m.

CVE-2006-4359

2006-08-2702:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4359

stack-based buffer overflow

trident software powerzip

remote code execution

zip archive

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.134 Low

EPSS

Percentile

95.6%

JSON

Stack-based buffer overflow in Trident Software PowerZip 7.06 Build 3895 on Windows 2000 allows remote attackers to execute arbitrary code via a ZIP archive containing a long filename.

Affected configurations

NVD

Node

trident_softwarepowerzipMatch7.06_build_3895

CPENameOperatorVersion
trident_software:powerziptrident software powerzipeq7.06_build_3895

CPE	Name	Operator	Version
trident_software:powerzip	trident software powerzip	eq	7.06_build_3895

References

secunia.com/advisories/21556

vuln.sg/powerzip706-en.html

www.securityfocus.com/bid/19671

www.vupen.com/english/advisories/2006/3360

exchange.xforce.ibmcloud.com/vulnerabilities/28534

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.134 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2006-4359

nvd1 cvelist1