PT-2004-2202 · Greed · Greed

Published

2004-12-22

Updated

2017-07-11

CVE-2004-1273

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: greed version 0.81p

Description: A buffer overflow issue exists in the DownloadLoop function in main.c, allowing remote attackers to execute arbitrary code via a GRX file containing a long filename.

Recommendations: For greed version 0.81p, consider avoiding the use of GRX files with long filenames until a patch is available. As a temporary workaround, restrict access to the DownloadLoop function in main.c to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1273

Affected Products

Greed

PT-2004-2202 · Greed · Greed

CVE-2004-1273

Related Identifiers

Affected Products

References · 3