Search...

PowerArchiver PAISO.DLL ISO File Handling Overflow

2007-01-04T08:48:48

ID OSVDB:32576
Type osvdb
Reporter OSVDB
Modified 2007-01-04T08:48:48

Description

No description provided by the source

References:

Secunia Advisory ID:23559 Other Advisory URL: http://vuln.sg/powarc964-en.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0087.html ISS X-Force ID: 31263 FrSIRT Advisory: ADV-2007-0041 CVE-2007-0097

JSON Vulners Source

Initial Source

{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23559](https://secuniaresearch.flexerasoftware.com/advisories/23559/)\nOther Advisory URL: http://vuln.sg/powarc964-en.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0087.html\nISS X-Force ID: 31263\nFrSIRT Advisory: ADV-2007-0041\n[CVE-2007-0097](https://vulners.com/cve/CVE-2007-0097)\n", "affectedSoftware": [], "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "9008ea35aff5e931aa1aebbf5e85c8a1"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "707c33cd8ee2d1d27a9aa86163d3c583"}, {"key": "href", "hash": "283df2864c6d63cc3d80124df0440964"}, {"key": "modified", "hash": "8081abf6ba0b9b68d887cc2bc5eba927"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8081abf6ba0b9b68d887cc2bc5eba927"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "6b9aaa6aca3e62d2a7e14e9eb824fcc2"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "href": "https://vulners.com/osvdb/OSVDB:32576", "modified": "2007-01-04T08:48:48", "objectVersion": "1.2", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0097"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7000"]}, {"type": "nessus", "idList": ["POWERARCHIVER_PAISO_OVERFLOW.NASL"]}], "modified": "2017-04-28T13:20:28"}, "vulnersScore": 5.0}, "id": "OSVDB:32576", "title": "PowerArchiver PAISO.DLL ISO File Handling Overflow", "hash": "877500211834e04005ac190dfb1183252869893bce6be3e8b6fff18383f7b3b6", "edition": 1, "published": "2007-01-04T08:48:48", "type": "osvdb", "history": [], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2007-0097"], "lastseen": "2017-04-28T13:20:28"}

{"cve": [{"lastseen": "2018-10-18T15:06:07", "bulletinFamily": "NVD", "description": "Multiple stack-based buffer overflows in the (1) LoadTree and (2) ReadHeader functions in PAISO.DLL 1.7.3.0 (1.7.3 beta) in ConeXware PowerArchiver 2006 9.64.02 allow user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories.", "modified": "2018-10-16T12:31:08", "published": "2007-01-05T13:28:00", "id": "CVE-2007-0097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0097", "title": "CVE-2007-0097", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:22", "bulletinFamily": "software", "description": "Buffer overflow on parsing .ISO files.", "modified": "2007-01-05T00:00:00", "published": "2007-01-05T00:00:00", "id": "SECURITYVULNS:VULN:7000", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7000", "title": "Power Archiver buffer overflow", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:09:40", "bulletinFamily": "scanner", "description": "The remote host contains PowerArchiver, a file compression utility for Windows.\n\nThe version of PowerArchiver installed on the remote host has a buffer overflow in the 'paiso.dll' library file that can be triggered when processing the full pathname of a file within an ISO image. If an attacker can trick a user on the affected host into opening a specially crafted ISO image file, he can leverage this issue to execute arbitrary code on the host subject to the user's privileges.", "modified": "2018-11-15T00:00:00", "id": "POWERARCHIVER_PAISO_OVERFLOW.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=23976", "published": "2007-01-05T00:00:00", "title": "PowerArchiver paiso.dll ISO Image Handling Buffer Overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(23976);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\"CVE-2007-0097\");\n script_bugtraq_id(21867);\n\n script_name(english:\"PowerArchiver paiso.dll ISO Image Handling Buffer Overflow\");\n script_summary(english:\"Checks PowerArchiver file version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a utility that is affected by a\nbuffer overflow vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host contains PowerArchiver, a file compression utility for\nWindows.\n\nThe version of PowerArchiver installed on the remote host has a buffer\noverflow in the 'paiso.dll' library file that can be triggered when\nprocessing the full pathname of a file within an ISO image. If an\nattacker can trick a user on the affected host into opening a\nspecially crafted ISO image file, he can leverage this issue to\nexecute arbitrary code on the host subject to the user's privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://vuln.sg/powarc964-en.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2007/Jan/101\" );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to PowerArchiver 9.64.03 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerarchiver:powerarchiver\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"powerarchiver_detect.nbin\");\n script_require_keys(\"SMB/PowerArchiver/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp = \"PowerArchiver\";\nkb_base = \"SMB/PowerArchiver/\";\n\nversion = get_kb_item_or_exit(kb_base + \"Version\");\npath = get_kb_item_or_exit(kb_base + \"Path\");\n\nfix = \"9.6.4.3\";\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0) audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}