1. CVE-Search
  2. CVE-2006-2161
ID CVE-2006-2161
Summary Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name.
References
Vulnerable Configurations
  • cpe:2.3:a:cam_development:cam_unzip:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:cam_development:cam_unzip:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cam_development:cam_unzip:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:cam_development:cam_unzip:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:erik_dienske:abakt:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:erik_dienske:abakt:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:erik_dienske:abakt:0.9.3_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:erik_dienske:abakt:0.9.3_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:roger_aelbrecht:tzipbuilder:1.79.03.01:*:*:*:*:*:*:*
    cpe:2.3:a:roger_aelbrecht:tzipbuilder:1.79.03.01:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 18-10-2018 - 16:38)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
bid 17880
bugtraq
  • 20060508 Secunia Research: TZipBuilder ZIP File Handling Buffer OverflowVulnerability
  • 20060515 Secunia Research: Abakt ZIP File Handling Buffer OverflowVulnerability
  • 20060519 Secunia Research: CAM UnZip ZIP File Handling Buffer OverflowVulnerability
confirm http://www.xs4all.nl/~edienske/abakt/releases.html#0.9.3-RC1
fulldisc 20060515 Secunia Research: Abakt ZIP File Handling Buffer
misc
sectrack
  • 1016064
  • 1016107
secunia
  • 19945
  • 19946
  • 20068
sreason 853
vupen
  • ADV-2006-1687
  • ADV-2006-1805
  • ADV-2006-1865
xf
  • abakt-zip-bo(26435)
  • camunzip-archive-bo(26549)
  • tzipbuilder-zip-bo(26275)
Last major update 18-10-2018 - 16:38
Published 09-05-2006 - 10:02
Last modified 18-10-2018 - 16:38
Back to Top