8.5 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.135 Low
EPSS
Percentile
95.6%
AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location indicated by the “Filename length” field in a ZIP header, which allows remote attackers to cause a denial of service (machine crash) and possibly execute arbitrary code via a ZIP file in which this field’s value is larger than the actual number of bytes in the filename.
CPE | Name | Operator | Version |
---|---|---|---|
ahnlab:v3_internet_security | ahnlab v3 internet security | eq | 2008 |
global.ahnlab.com/global/notice_view.ESD?fmethod=view&press_seq=803&printNum=2
osvdb.org/42352
secunia.com/advisories/27757
securityreason.com/securityalert/3382
secway.org/advisory/AD20071116.txt
www.securityfocus.com/archive/1/483799/100/0/threaded
www.securityfocus.com/bid/26473
www.securitytracker.com/id?1018977
www.vupen.com/english/advisories/2007/3983
exchange.xforce.ibmcloud.com/vulnerabilities/38514