Lucene search

[email protected]CVE-2006-6884

HistoryJan 05, 2007 - 11:00 a.m.

CVE-2006-6884

2007-01-0511:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-6884

buffer overflow

wzfileview

fileviewctrl.61

activex control

winzip 10.0 build 6667

remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.963 High

EPSS

Percentile

99.5%

JSON

Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software “FileView” ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198.

Affected configurations

NVD

Node

winzipwinzipMatch10.0_build_6667

CPENameOperatorVersion
winzip:winzipwinzipeq10.0_build_6667

CPE	Name	Operator	Version
winzip:winzip	winzip	eq	10.0_build_6667

References

www.securityfocus.com/archive/1/455608/100/0/threaded

www.securityfocus.com/archive/1/455612/100/0/threaded

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.963 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2006-6884

cvelist3 checkpoint_advisories1 nvd3 saint4 cve2 packetstorm1 zdi1 securityvulns1 cert2 nessus1