Vulnerability in N/a
CVE-2004-0333
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
EPSS: 0.654 (98.5th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- uudeview-multiple-bo(15490) (vdb-entry, x_refsource_XF)
- 4119 (x_refsource_OSVDB, vdb-entry)
- 9758 (vdb-entry, x_refsource_BID)
- 10995 (x_refsource_SECUNIA, third-party-advisory)
- O-092 (government-resource, third-party-advisory, x_refsource_CIAC)
- www.winzip.com/fmwz90.htm (x_refsource_CONFIRM)
- VU#116182 (x_refsource_CERT-VN, third-party-advisory)
- www.openpkg.org/security/OpenPKG-SA-2004.006-uudeview.html (x_refsource_CONFIRM)
- winzip-mime-bo(15336) (vdb-entry, x_refsource_XF)
- 20040227 WinZip MIME Parsing Buffer Overflow Vulnerability (x_refsource_IDEFENSE, third-party-advisory)