Nessus Plugin #11148
Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.
Unchecked Buffer in Decompression Functions (Q329048)
- Family: Windows : Microsoft Bulletins
- Category: infos
- Copyright: This script is Copyright (C) 2002 SECNAP Network Security, LLC
- Summary: Checks for MS Hotfix Q329048, Unchecked Buffer in Decompression functions
- Version: $Revision: 1.9 $
- Cve_id: CAN-2002-0370, CAN-2002-1139
- Bugtraq_id: 5873, 5876
- Xrefs: -
- Description:
Two vulnerabilities exist in the Compressed Folders function:
- An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. A security vulnerability results because attempts to open a file with a specially malformed filename contained in a zipped file could possibly result in Windows Explorer failing, or in code of the attacker's choice being run.
- The decompression function could place a file in a directory that was not the same as, or a child of, the target directory specified by the user as where the decompressed zip files should be placed. This could allow an attacker to put a file in a known location on the user's system, such as placing a program in a startup directory.
Impact of vulnerability: Two vulnerabilities, the most serious of which could run code of attacker's choice
Maximum Severity Rating: Moderate
Recommendation: Consider applying the patch to affected systems
Affected Software:
Microsoft Windows 98 with Plus! Pack
Microsoft Windows Me
Microsoft Windows XP
See http://www.microsoft.com/technet/security/bulletin/ms02-054.mspx
Risk factor : High
Generated on 27.04.2005 at 18:49:54.