Vulnerabilities > CVE-2006-2161 - Buffer Overflow vulnerability in TZipBuilder ZIP File
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
Application | 2 | |
Application | 1 |
References
- http://marc.info/?l=full-disclosure&m=114771024009857&w=2
- http://secunia.com/advisories/19945
- http://secunia.com/advisories/19946
- http://secunia.com/advisories/20068
- http://secunia.com/secunia_research/2006-26/advisory
- http://secunia.com/secunia_research/2006-31/advisory/
- http://secunia.com/secunia_research/2006-34/advisory/
- http://securityreason.com/securityalert/853
- http://securitytracker.com/id?1016064
- http://securitytracker.com/id?1016107
- http://www.securityfocus.com/archive/1/433257/100/0/threaded
- http://www.securityfocus.com/archive/1/434019/100/0/threaded
- http://www.securityfocus.com/archive/1/434520/100/0/threaded
- http://www.securityfocus.com/bid/17880
- http://www.vupen.com/english/advisories/2006/1687
- http://www.vupen.com/english/advisories/2006/1805
- http://www.vupen.com/english/advisories/2006/1865
- http://www.xs4all.nl/~edienske/abakt/releases.html#0.9.3-RC1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26275
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26549