Lucene search

[email protected]NVD:CVE-2005-3831

HistoryNov 26, 2005 - 7:03 p.m.

CVE-2005-3831

2005-11-2619:03:00

CWE-119

[email protected]

web.nvd.nist.gov

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.7%

JSON

Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and © SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.

Affected configurations

NVD

Node

speedprojectspeedcommanderMatch10.51_build4430

speedprojectspeedcommanderMatch11.0_build4430

speedprojectsqueezMatch5.0_build_4285

speedprojectzipstarMatch5.0_build_4285

References

secunia.com/advisories/17420

secunia.com/secunia_research/2005-60/advisory

securitytracker.com/id?1015265

securitytracker.com/id?1015266

securitytracker.com/id?1015267

www.osvdb.org/21073

www.securityfocus.com/archive/1/417588/30/0/threaded

www.vupen.com/english/advisories/2005/2570

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for NVD:CVE-2005-3831

cve1 cvelist1