Lucene search

Ubuntu.comUB:CVE-2004-1010

HistoryMar 01, 2005 - 12:00 a.m.

CVE-2004-1010

2005-03-0100:00:00

ubuntu.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.175 Low

EPSS

Percentile

96.2%

JSON

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using
recursive folder compression, allows remote attackers to execute arbitrary
code via a ZIP file containing a long pathname.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchzip< 2.31-3UNKNOWN
ubuntu6.10noarchzip< 2.31-3UNKNOWN
ubuntu7.04noarchzip< 2.31-3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	zip	< 2.31-3	UNKNOWN
ubuntu	6.10	noarch	zip	< 2.31-3	UNKNOWN
ubuntu	7.04	noarch	zip	< 2.31-3	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2004-1010

nvd.nist.gov/vuln/detail/CVE-2004-1010

security-tracker.debian.org/tracker/CVE-2004-1010

ubuntu.com/security/notices/USN-18-1

www.cve.org/CVERecord?id=CVE-2004-1010

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.175 Low

EPSS

Percentile

96.2%

JSON

Related for UB:CVE-2004-1010