Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.15459
Kategorie:Windows
Titel:Vulnerability in zipped folders may allow code execution (873376)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote version of Windows is vulnerable to a bug in the way it handles compressed
(zipped) folders, which may in turn be exploited by an attacker to execute arbitrary
code on the remote host.

To exploit this flaw, an attacker would need to send a specially crafted .zip
file to a victim on the remote host and wait for him to browse the file using
the Windows Explorer.

Solution : http://www.microsoft.com/technet/security/bulletin/MS04-034.mspx
Risk factor : High

Querverweis: BugTraq ID: 11382
Common Vulnerability Exposure (CVE) ID: CVE-2004-0575
Bugtraq: 20041013 EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability (Google Search)
http://marc.info/?l=ntbugtraq&m=109767342326300&w=2
CERT/CC vulnerability note: VU#649374
http://www.kb.cert.org/vuls/id/649374
Computer Incident Advisory Center Bulletin: P-010
http://www.ciac.org/ciac/bulletins/p-010.shtml
http://www.eeye.com/html/research/advisories/AD20041012A.html
Microsoft Security Bulletin: MS04-034
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1053
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3913
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4276
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6397
http://securitytracker.com/id?1011637
XForce ISS Database: win-compressed-folders-bo(17624)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17624
XForce ISS Database: win-ms04034-patch(17659)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17659
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.