Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2004-0333

Published: 23/11/2004 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Winzip

Vulnerability Summary

Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote malicious users to execute arbitrary code via a MIME archive with certain long MIME parameters.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

winzip winzip 8.1

uudeview uudeview 0.5.18

uudeview uudeview 0.5.19

openpkg openpkg

winzip winzip 7.0

winzip winzip 8.0

gentoo linux 1.4

Vendor Advisories

Debian CVElist Bug Report Logs: unsafe temp file creation (CAN-2004-2265)
Debian Bug report logs - #320541 unsafe temp file creation (CAN-2004-2265) Package: uudeview; Maintainer for uudeview is Debian QA Group <packages@qadebianorg>; Source for uudeview is src:uudeview (PTS, buildd, popcon) Reported by: Joey Hess <joeyh@debianorg> Date: Sat, 30 Jul 2005 05:03:01 UTC Severity: serious ...

Exploits

Exploit DB: WinZip - MIME Parsing Overflow
/* * Author: snooq * Date: 14 April 2004 * * This is a PoC exploit for WinZip32 MIME Parsing Overflow * bug reported by iDefense on 27 February 2004 * * The original advisory is found here: * wwwidefensecom/application/poi/display?id=76 * * This version is SP dependent becoz my idiotic shellcode * uses hardcode ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/9758http://www.kb.cert.org/vuls/id/116182http://www.winzip.com/fmwz90.htmhttp://www.ciac.org/ciac/bulletins/o-092.shtmlhttp://www.openpkg.org/security/OpenPKG-SA-2004.006-uudeview.htmlhttp://www.osvdb.org/4119http://secunia.com/advisories/10995http://secunia.com/advisories/11019http://www.idefense.com/application/poi/display?id=76&type=vulnerabiliti&flashstatus=truehttps://exchange.xforce.ibmcloud.com/vulnerabilities/15490https://exchange.xforce.ibmcloud.com/vulnerabilities/15336https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320541https://nvd.nist.govhttps://www.exploit-db.com/exploits/272/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook