CVE-2005-3317 Information

Feb 14, 2021 cve

Description

Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041 and other versions before 6.0.2.1050 allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename which is not properly handled by (a) zipgenius.exe (b) zg.exe (c) zgtips.dll and (d) contmenu.dll; (2) a long original name in a (a) UUE (b) XXE or (c) MIM file which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename which is not properly handled by unacev2.dll.

Reference

http://forum.zipgenius.it/index.php?showtopic=684 http://secunia.com/advisories/17061 http://secunia.com/secunia_research/2005-54/advisory http://securityreason.com/securityalert/103 http://securitytracker.com/id?1015090 http://www.osvdb.org/20157 http://www.osvdb.org/20158 http://www.osvdb.org/20159 http://www.securityfocus.com/archive/1/414083 http://www.securityfocus.com/bid/15161

Share on: