|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Windows >> Compression Plus Zoo Archive Processing Buffer Overflow Vulnerability Vulnerability Assessment Details
|
Compression Plus Zoo Archive Processing Buffer Overflow Vulnerability |
||
|
Checks version of Compression Plus' cp5dll32.dll Detailed Explanation for this Vulnerability Assessment Summary : There is a library file installed on the remote Windows host that is affected by a buffer overflow vulnerability. Description : The version of the Compression Plus toolkit installed on the remote host contains a DLL that reportedly is prone to a stack-based overflow when processing specially-crafted ZOO files. Exploitation depends on how the toolkit is used, especially with third-party products. See also : http://www.mnin.org/advisories/2006_cp5_tweed.pdf http://www.becubed.com/downloads/compfix.txt https://kb1.tumbleweed.com/article.asp?article=4175&p=2 Solution : Contact the vendor for a fix or upgrade Cp5dll32.dll to version 5.0.1.28 or later. Network Security Threat Level: Medium / CVSS Base Score : 5.6 (AV:R/AC:H/Au:NR/C:P/I:P/A:P/B:N) Networks Security ID: 19796 Vulnerability Assessment Copyright: This script is Copyright (C) 2006-2007 Tenable Network Security |
||
|
Hubs |
|
||
|
No Discussions have been posted on this vulnerability. |