Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 13/04/2009 Updated: 09/10/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Multiple stack-based buffer overflows in DZIP32.DLL prior to 5.0.0.8 in DynaZip Max and DZIPS32.DLL prior to 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted malicious users to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp openview performance agent c.04.60
hp openview performance agent c.04.70
hp openview performance agent c.04.72
innermedia dynazip max secure
innermedia dynazip max
filestream turbozip 6.0

CWE-119 http://vuln.sg/dynazip5007-en.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01622011 http://secunia.com/advisories/34659 http://vuln.sg/turbozip6-en.html http://www.securityfocus.com/archive/1/441084 http://www.vupen.com/english/advisories/2009/0980 http://innermedia.com/upgrades.html http://www.vupen.com/english/advisories/2006/2957 http://www.securityfocus.com/archive/1/441083 http://www.securityfocus.com/bid/19143 http://secunia.com/advisories/21180 http://osvdb.org/53478 http://www.securitytracker.com/id?1022021 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-4420

Vulnerability Summary

References

Vulmon Search

About

Products

Connect