8 matches found
EUVD-2006-4542
Malware in sbrugna...
Compression Plus ZOO文档处理栈溢出漏洞
Compression Plus库用于压缩/解压各种流行的文档格式。 Compression Plus库的代码在处理ZOO文档时存在漏洞,成功利用这个漏洞的攻击者可能以当前执行用户权限执行任意指令。 Compression Plus库中ReadFile函数的nNumberOfBytesToRead参数是由用户提供的,但没有执行任何长度检查。对ReadFile最多可传送7FFFh的值,但指定39Ch字节就可以覆盖栈中的函数返回指针,如下: .text:1040A71B movsx eax, word ptr ebp+ZooHeader+24h .text:1040A71F push eax...
PT-2006-5347 · Canyon +3 · Canyon Power File Gold +5
Name of the Vulnerable Software and Affected Versions: BeCubed Compression Plus versions prior to 5.0.1.28 Tumbleweed EMF versions prior to 5.0.1.28 VCOM/Ontrack PowerDesk Pro versions prior to 5.0.1.28 Canyon Drag and Zip versions prior to 5.0.1.28 Canyon Power File versions prior to 5.0.1.28...
CVE-2006-4554
Stack-based buffer overflow in the ReadFile function in the ZOO-processing exports in the BeCubed Compression Plus before 5.0.1.28, as used in products including 1 Tumbleweed EMF, 2 VCOM/Ontrack PowerDesk Pro, 3 Canyon Drag and Zip, 4 Canyon Power File, and 5 Canyon Power File Gold, allow...
Compression Plus CP5DLL32.DLL ZOO Archive Header Processing Overflow RCE
The version of the Compression Plus toolkit installed on the remote Windows host contains a DLL file that is affected by a stack-based overflow condition when processing specially crafted ZOO files. A remote attacker can exploit this issue, via an inconsistent size parameter in a ZOO file header,...
CVE-2006-4554
CVE-2006-4554 is a stack-based buffer overflow in BeCubed Compression Plus (ZOO-processing exports ReadFile) that allows arbitrary code execution via an inconsistent size parameter in a ZOO file header. Affected products include BeCubed Compression Plus prior to 5.0.1.28, and related suites such ...
KLA10125 ACE vulnerability in Compression Plus
A buffer overflow was found in the Compression Plus library. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed ZOO file. Original advisories BeCubed changelog Related products Compression-Plus CVE lis...
Compression Plus library buffer overflow
Buffer overflow on Zoo archives parsing...