Lucene search

[email protected]CVE-2007-6060

HistoryNov 20, 2007 - 8:46 p.m.

CVE-2007-6060

2007-11-2020:46:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-6060

ahnlab antivirus

zip file

remote attackers

denial of service

arbitrary code execution

nvd

8.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

JSON

AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location indicated by the “Filename length” field in a ZIP header, which allows remote attackers to cause a denial of service (machine crash) and possibly execute arbitrary code via a ZIP file in which this field’s value is larger than the actual number of bytes in the filename.

CPENameOperatorVersion
ahnlab:v3_internet_securityahnlab v3 internet securityeq2008

CPE	Name	Operator	Version
ahnlab:v3_internet_security	ahnlab v3 internet security	eq	2008

References

global.ahnlab.com/global/notice_view.ESD?fmethod=view&press_seq=803&printNum=2

osvdb.org/42352

secunia.com/advisories/27757

securityreason.com/securityalert/3382

secway.org/advisory/AD20071116.txt

www.securityfocus.com/archive/1/483799/100/0/threaded

www.securityfocus.com/bid/26473

www.securitytracker.com/id?1018977

www.vupen.com/english/advisories/2007/3983

exchange.xforce.ibmcloud.com/vulnerabilities/38514

8.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.135 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2007-6060

prion1 cvelist1