CVE-2004-2609

2005-12-0411:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.5%

JSON

The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four “stuffit /f:stuffit.dat” invocations, possibly due to a buffer overflow.

References

archives.neohapsis.com/archives/fulldisclosure/2004-08/1180.html

securitytracker.com/id?1011081

www.osvdb.org/9276

www.securityfocus.com/bid/11068

exchange.xforce.ibmcloud.com/vulnerabilities/17147