Lucene search

[email protected]NVD:CVE-2003-1376

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1376

2003-12-3105:00:00

CWE-255

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.

Affected configurations

NVD

Node

winzipwinzipMatch8.0

References

securityreason.com/securityalert/3265

www.securityfocus.com/archive/1/311059

www.securityfocus.com/bid/6805

exchange.xforce.ibmcloud.com/vulnerabilities/11296

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2003-1376

cve1 cvelist1