21 matches found
EUVD-2014-2357
Malware in sbrugna...
EUVD-2021-15341
Malware in sbrugna...
EUVD-2006-3978
Malware in sbrugna...
Xxe
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
CVE-2021-28684
The CVE-2021-28684 entry describes an XXE vulnerability in the XML parser used by ConeXware PowerArchiver up to version 20.10.02, allowing external entities to exfiltrate local files over the network. Affected software is PowerArchiver (ConeXware) prior to 20.10.02; root cause is processing of ex...
CVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network via an XXE attack...
PowerArchiver by ConeXware Installed
Binary data powerarchiverdetect.nbin...
ConeXware PowerArchiver弱加密漏洞
Bugtraq ID:66174 CVE ID:CVE-2014-2319 ConeXware PowerArchiver是一款压缩工具。 如果在GUI中用户选择AES加密,ConeXware PowerArchiver会以不安全加密方法来创建文件。如选择"AES 256-bit"进行加密软件会使用PKZIP加密来代替。 0 ConeXware PowerArchiver 14.02.03 ConeXware PowerArchiver 14.02.05已经修复该漏洞,建议用户下载更新: http://www.powerarchiver.com...
CVE-2014-2319
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...
CVE-2014-2319
PowerArchiver (ConeXware) 14.02.03 vulnerable: Encrypt Files feature uses legacy PKZIP encryption even when AES 256-bit is selected, enabling a known-plaintext exposure. Root cause is insecure encryption usage in the AES path. Affected version(s) include 14.02.03; vendor released 14.02.05 to fix ...
CVE-2014-2319
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...
Heap overflow
Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive...
CVE-2007-5279
PowerArchiver (ConeXware) has a heap-based/buffer overflow vulnerability disclosed as CVE-2007-5279 affecting versions up to 10.20.21. The flaw allows remote code execution when a user opens a specially crafted BlackHole archive with a long filename, resulting in arbitrary code execution with the...
KLA10298 ACE vulnerability in PowerArchiver
A buffer overflow was found in PowerArchiver. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed filename. Original advisories Version gistory Related products PowerArchiver-2010 CVE list CVE-2007-5279...
JVN#61323184 PowerArchiver buffer overflow vulnerability
PowerArchiver, file compression/decompression software from ConeXware, Inc. supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user opens a specially crafted file, an attacker could execute arbitrary code with the privileges of the user. Impact An attacke...
PowerArchiver PAISO.DLL ISO文件处理栈溢出漏洞
BUGTRAQ ID: 21867 PowerArchiver是一款压缩程序,除了一般压缩与解压缩的功能外,它并可设立密码及分片压缩功能,且支持鼠标右键的快显功能。 PowerArchiver在创建ISO镜像中文件的完整路径名时存在栈溢出漏洞,攻击者可能利用此漏洞控制用户机器。...
Stack overflow
Multiple stack-based buffer overflows in the 1 LoadTree and 2 ReadHeader functions in PAISO.DLL 1.7.3.0 1.7.3 beta in ConeXware PowerArchiver 2006 9.64.02 allow user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories...
CVE-2007-0097
CVE-2007-0097 affects PowerArchiver (ConeXware) PAISO.DLL 1.7.3.0 (1.7.3 beta) within PowerArchiver 2006 9.64.02. The vulnerability consists of multiple stack-based buffer overflows in the LoadTree and ReadHeader functions when handling ISO images, specifically when processing the full pathname o...
CVE-2006-3985
Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name...
CVE-2006-3985
Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name...