Executive Summary

Informations
Name CVE-2005-3194 First vendor Publication 2005-10-14
Vendor Cve Last vendor Modification 2017-07-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score 5.1 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3194

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

Open Source Vulnerability Database (OSVDB)

Id Description
19890 ALZip ARJ/ZIP/UUE/XXE Archive Handling Overflow

A remote overflow exists in ALZib. The application fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted ARJ, ZIP, UUE or XXE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
19889 ALZip ALZ Archive Handling Overflow

A remote overflow exists in ALZib. The application fails to perform proper bounds checking resulting in a stack-based buffer overflow. With a specially crafted ALZ archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/15010
MISC http://secunia.com/secunia_research/2005-49/advisory/
OSVDB http://www.osvdb.org/19889
http://www.osvdb.org/19890
SECTRACK http://securitytracker.com/id?1015003
SECUNIA http://secunia.com/advisories/16847/
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/22526

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2021-05-04 12:03:14
  • Multiple Updates
2021-04-22 01:03:31
  • Multiple Updates
2020-05-23 00:16:53
  • Multiple Updates
2017-07-11 12:02:01
  • Multiple Updates
2016-06-28 15:22:11
  • Multiple Updates
2016-04-26 13:51:42
  • Multiple Updates
2013-05-11 11:32:40
  • Multiple Updates