Windows ZIP folders buffer overflow updated since 13.10.2004
Published:		10.04.2009
Source:		MICROSOFT
SecurityVulns ID:		4087
Type:		library
Level:		5/10
Description:		Integer overflow in DynaZip (DUNZIP32.DLL) library on oversized filename in archive.

Affected:		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server
		IBM : Lotus Notes 6.5
		CHECKMARK : MultiLedger 6.0
		INNERMEDIA : DynaZip 3.0
		INNERMEDIA : DynaZip 4.0
		INNERMEDIA : DynaZip 5.0
		MCAFEE : VirusScan 10.0
		DTSEARCH : dtSearch 7.10
		HP : OpenView Performance Agent C.04.60
		HP : OpenView Performance Agent C.04.70
		HP : OpenView Performance Agent C.04.72
CVE:		CVE-2008-4420

Original document		HP, [security bulletin] HPSBMA02396 SSRT080175 rev.1 - HP OpenView Performance Agent and HP Performance Agent Running on Windows, Remote Execution of Arbitrary Code (10.04.2009)
		Juha-Matti Laurio, IBM Lotus Notes DUNZIP32.dll Buffer Overflow Vulnerability (07.09.2006)
		Juha-Matti Laurio, McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability (30.03.2006)
		Juha-Matti Laurio, dtSearch DUNZIP32.dll Buffer Overflow Vulnerability (21.12.2005)
		SECURITEAM, [NT] CheckMark MultiLedger Buffer Overflow Vulnerability (DUNZIP32.dll) (31.10.2005)
		EEYE, [Full-Disclosure] EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability (13.10.2004)
		MICROSOFT, Microsoft Security Bulletin MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376) (13.10.2004)

Files:		Microsoft Windows Vulnerability in Compressed (zipped) Folders (MS04-034) exploit
		Microsoft Security Bulletin MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
Discuss:		Read or add your comments to this news (0 comments)