CVE编号
CVE-2006-2482利用情况
暂无补丁情况
N/A披露时间
2006-09-09漏洞描述
Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, allows user-assisted attackers to execute arbitrary code via an ARJ archive with a long header. NOTE: the ACE archive vector is covered by CVE-2005-2856.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| http://secunia.com/advisories/20270 | |
| http://secunia.com/advisories/21458 | |
| http://secunia.com/secunia_research/2006-50/advisory/ | |
| http://secunia.com/secunia_research/2006-72/advisory/ | |
| http://www.securityfocus.com/bid/19884 | |
| http://www.vupen.com/english/advisories/2006/3495 | |
| http://www.vupen.com/english/advisories/2007/0235 | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28785 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | microchip_data_systems | ziptv_for_c++_builder | 2006.1.16 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | microchip_data_systems | ziptv_for_delphi_7 | 2006.1.26 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | pentaware | pentasuite-pro | 8.5.1.221 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | pentaware | pentazip | 8.5.1.190 | - | |||||
- 攻击路径 网络
- 攻击复杂度 N/A
- 权限要求 无
- 影响范围 N/A
- 用户交互 需要
- 可用性 部分地
- 保密性 部分地
- 完整性 部分地
还没有评论,来说两句吧...