Lucene search

SAINT CorporationSAINT:A3D51DBC9CEA6F089090D0FE74CDEE4D

HistoryMay 15, 2006 - 12:00 a.m.

Windows compressed folders buffer overflow

2006-05-1500:00:00

SAINT Corporation

download.saintcorporation.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.761 High

EPSS

Percentile

97.9%

JSON

Added: 05/15/2006
CVE: CVE-2004-0575
BID: 11382
OSVDB: 10695

Background

Microsoft Windows XP and Windows Server 2003 include the ability to natively handle ZIP files.

Problem

A buffer overflow when handling compressed folders allows command execution when a specially crafted ZIP file is opened by the operating system.

Resolution

http://www.microsoft.com/technet/security/bulletin/MS04-034.mspx

References

<http://www.kb.cert.org/vuls/id/649374>
<http://www.securityfocus.com/archive/1/378309>

Limitations

Successful exploitation requires a user to save the exploit file, open it, and either copy a file into the compressed folder or delete the **deletme.txt** file from the compressed folder.

Platforms

Windows XP

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.761 High

EPSS

Percentile

97.9%

JSON

Related for SAINT:A3D51DBC9CEA6F089090D0FE74CDEE4D