Japan Vulnerability NotesJVN:61323184JVN#61323184 PowerArchiver buffer overflow vulnerability
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.309 Low
EPSS
Percentile
97.0%
PowerArchiver, file compression/decompression software from ConeXware, Inc. supporting multiple compression file formats, contains a buffer overflow vulnerability.
If a user opens a specially crafted file, an attacker could execute arbitrary code with the privileges of the user.
Impact
An attacker could execute arbitrary code with the privileges of the user who opened the file.
Solution
Update the Software
Apply the latest updates provided by the vendor.
For more information, refer to the vendor’s website.
Products Affected
- Versions prior to PowerArchiver 10.20.21
For more information, refer to the vendor’s website.
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.309 Low
EPSS
Percentile
97.0%