PT-2006-2969 · Pkware+1 · Zip+2
Publicado
2006-04-21
·
Atualizado
2017-07-20
·
CVE-2006-1985
CVSS v2.0
5.1
Média
| Vetor | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
BOMArchiveHelper version 10.4 (6.3) Build 312
Mac OS X versions prior to 10.4.6
Description
The issue allows user-assisted attackers to execute arbitrary code via a crafted archive, such as ZIP, that contains long path names. This triggers an error in the
BOMStackPop function.Recommendations
For BOMArchiveHelper version 10.4 (6.3) Build 312, consider avoiding the use of crafted archives until a fix is available.
For Mac OS X versions prior to 10.4.6, update to a version later than 10.4.6 to resolve the issue.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bomarchivehelper
Macos X
Zip