Lucene search

[email protected]CVE-2007-1614

HistoryMar 23, 2007 - 12:19 a.m.

CVE-2007-1614

2007-03-2300:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1614

buffer overflow

zziplib

remote attackers

denial of service

arbitrary code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.062 Low

EPSS

Percentile

93.6%

JSON

Stack-based buffer overflow in the zzip_open_shared_io function in zzip/file.c in ZZIPlib Library before 0.13.49 allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename.

Affected configurations

NVD

Node

zziplibzziplibRange≤0.13.45

CPENameOperatorVersion
zziplib:zziplibzziplible0.13.45

CPE	Name	Operator	Version
zziplib:zziplib	zziplib	le	0.13.45

References

osvdb.org/33838

secunia.com/advisories/24586

secunia.com/advisories/24708

security.gentoo.org/glsa/glsa-200704-05.xml

sourceforge.net/project/shownotes.php?group_id=6389&release_id=494587

www.mandriva.com/security/advisories?name=MDKSA-2007:093

www.securityfocus.com/bid/23013

www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187

www.vupen.com/english/advisories/2007/0998

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.062 Low

EPSS

Percentile

93.6%

JSON

Related for CVE-2007-1614

securityvulns1 openvas2 nvd1 debiancve1 nessus1 ubuntucve1 cvelist1 gentoo1 prion1