Executive Summary

Informations
NameCVE-2019-12807First vendor Publication2019-08-13
VendorCveLast vendor Modification2019-08-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12807

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application8
Os1

Sources (Detail)

SourceUrl
MISC https://www.altools.co.kr/Download/ALZip.aspx#n
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35114

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-08-20 00:19:19
  • Multiple Updates
2019-08-14 17:19:27
  • Multiple Updates
2019-08-14 05:18:56
  • First insertion