NVD

Id
4245  
Name
CVE-2008-4420  
Description
Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2009-04-13  
Modified Date
2010-06-04  
Seq
2008-4420  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
26973 4245 CVE-2008-4420 HPSBMA02396  View
26974 4245 CVE-2008-4420 http://vuln.sg/dynazip5007-en.html  View
26975 4245 CVE-2008-4420 http://vuln.sg/turbozip6-en.html  View
26976 4245 CVE-2008-4420 20060725 [vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities  View
26977 4245 CVE-2008-4420 20060725 [vuln.sg] TurboZIP ZIP Repair Buffer Overflow Vulnerability  View
26978 4245 CVE-2008-4420 19143  View
26979 4245 CVE-2008-4420 1022021  View
26980 4245 CVE-2008-4420 ADV-2006-2957  View
26981 4245 CVE-2008-4420 ADV-2009-0980  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41720 JVNDB-2009-002727 HP OpenView Performance Agent の DynaZip Max Secure におけるスタックベースのバッファオーバーフローの脆弱性 HP OpenView Performance Agent、HP Performance Agent および TurboZIP で使用される DynaZip Max Secure の DynaZip Max および DZIPS32.DLL の DZIP32.DLL は、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2008-4420 34533 CVE-2008-4420 4245 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002727.html 2009-04-08 2012-06-26 View