Lucene search

[email protected]CVE-2013-5660

HistoryApr 25, 2014 - 5:12 p.m.

CVE-2013-5660

2014-04-2517:12:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-5660

buffer overflow

winarchiver 3.2

remote code execution

crafted .zip file

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.308 Low

EPSS

Percentile

97.0%

JSON

Buffer overflow in Power Software WinArchiver 3.2 allows remote attackers to execute arbitrary code via a crafted .zip file.

Affected configurations

NVD

Node

powersoftwarewinarchiverMatch3.2

CPENameOperatorVersion
powersoftware:winarchiverpowersoftware winarchivereq3.2

CPE	Name	Operator	Version
powersoftware:winarchiver	powersoftware winarchiver	eq	3.2

References

osvdb.org/ref/92/winarchiver-overflow.txt

osvdb.org/show/osvdb/92992

packetstormsecurity.com/files/121512/Winarchiver-3.2-Buffer-Overflow.html

realpentesting.blogspot.com.es/p/blog-page_3.html

seclists.org/fulldisclosure/2013/Sep/8

www.securityfocus.com/bid/59626

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.308 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2013-5660

nvd1 zdt1 prion1 cvelist1