CVE-2007-0264

Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted input filenames, as in the case of a file upload application. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

CVSS v2.0 6.6 MEDIUM

6.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 2.7 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/39800
http://www.securityfocus.com/bid/22020

Configurations

Configuration 1 (hide)

cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-01-16 23:28

Updated : 2023-12-10 10:40

NVD link : CVE-2007-0264

Mitre link : CVE-2007-0264

CVE.ORG link : CVE-2007-0264

JSON object : View

Products Affected

winzip

winzip

CWE

NVD-CWE-Other

{"id": "CVE-2007-0264", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 2.7, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-01-16T23:28:00.000", "references": [{"url": "http://osvdb.org/39800", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22020", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted input filenames, as in the case of a file upload application. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en el archivo Winzip32.exe en WinZip versi\u00f3n 9.0, permite a los usuarios locales causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario por medio de un argumento largo de l\u00ednea de comando. NOTA: este problema puede cruzar los l\u00edmites de privilegios si una aplicaci\u00f3n invoca autom\u00e1ticamente el archivo Winzip32.exe para nombres de archivos de entrada no confiables, como en el caso de una aplicaci\u00f3n de carga de archivos. NOTA: La procedencia de esta informaci\u00f3n es desconocida; los detalles son obtenidos \u00fanicamente a partir de informaci\u00f3n de tercero"}], "lastModified": "2008-11-15T06:39:35.627", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nWinZip, WinZip, 9.0 SR1"}