Lucene search

Kaspersky LabKLA10298

HistoryOct 08, 2007 - 12:00 a.m.

KLA10298 ACE vulnerability in PowerArchiver

2007-10-0800:00:00

Kaspersky Lab

threats.kaspersky.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.309 Low

EPSS

Percentile

97.0%

JSON

A buffer overflow was found in PowerArchiver. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed filename.

Original advisories

Version gistory

Related products

PowerArchiver-2010

CVE list

CVE-2007-5279 critical

Solution

Update to latest version

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

ConeXware PowerArchiver versions 10.20 and earlier

References

www.powerarchiver.com/history/

statistics.securelist.com/

threats.kaspersky.com/en/product/PowerArchiver-2010/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.309 Low

EPSS

Percentile

97.0%

JSON

Related for KLA10298