Multiple file decompression utilities contain buffer overflow vulnerabilities whose impact varies by product.
Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows triggered by overly long filenames embedded in crafted ZIP archive files. When affected users attempt to decompress such a ZIP file, the buffer overflow may result in execution of arbitrary code.
The impact of this vulnerability may vary depending upon the product and its execution environment. Typically, successful exploitation of a buffer overflow will allow the attacker to execute arbitrary code with the privileges of the user running the application.
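The root cause described above is a filename length field in the ZIP local file header that the extractor trusts when copying the name into a fixed-size buffer. The following C code is an added illustration, not part of this CERT/CC note or any vendor's product: it reads that header with the bounds check a vulnerable extractor omits, and rejects a header whose declared name would not fit. The 64-byte buffer size, the helper names and the constructed fixture header are assumptions for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ZIP local file header: 30 fixed bytes, then the filename (name_len bytes)
 * and an extra field (extra_len bytes). Both lengths are 16-bit little-endian
 * fields at offsets 26 and 28, so an archive may declare a name of up to 65535 bytes. */
#define ZIP_LFH_SIG  0x04034b50u
#define ZIP_LFH_SIZE 30
#define NAME_BUF     64   /* size of the extractor's fixed filename buffer (assumed for the demo) */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Copy the filename from a local file header into out[out_len].
 * Returns 0 on success, -1 if the header is truncated or the name does not fit.
 * The comparison against out_len is the check a vulnerable extractor lacks
 * when it copies name_len bytes straight into a fixed buffer. */
int zip_read_name(const uint8_t *buf, size_t buf_len, char *out, size_t out_len) {
    if (buf_len < ZIP_LFH_SIZE || rd32(buf) != ZIP_LFH_SIG) return -1;
    size_t name_len = rd16(buf + 26), extra_len = rd16(buf + 28);
    if (ZIP_LFH_SIZE + name_len + extra_len > buf_len) return -1; /* header claims more bytes than present */
    if (name_len >= out_len) return -1;                            /* would not fit, including the NUL */
    memcpy(out, buf + ZIP_LFH_SIZE, name_len);
    out[name_len] = '\0';
    return 0;
}

/* Constructed test fixture: a minimal local file header whose name field is
 * name_len bytes of 'A'. Returns the bytes written, or 0 if buf is too small. */
size_t make_lfh(uint8_t *buf, size_t buf_len, uint16_t name_len) {
    if (buf_len < (size_t)ZIP_LFH_SIZE + name_len) return 0;
    memset(buf, 0, ZIP_LFH_SIZE);
    buf[0] = 0x50; buf[1] = 0x4b; buf[2] = 0x03; buf[3] = 0x04;  /* "PK\3\4" signature */
    buf[26] = (uint8_t)(name_len & 0xff); buf[27] = (uint8_t)(name_len >> 8);
    memset(buf + ZIP_LFH_SIZE, 'A', name_len);
    return ZIP_LFH_SIZE + name_len;
}

int main(void) {
    uint8_t hdr[ZIP_LFH_SIZE + 300];
    char name[NAME_BUF];
    size_t n = make_lfh(hdr, sizeof hdr, 12);
    printf("12-byte name:  %s\n", zip_read_name(hdr, n, name, sizeof name) == 0 ? name : "rejected");
    n = make_lfh(hdr, sizeof hdr, 200);   /* declared name longer than the 64-byte buffer */
    printf("200-byte name: %s\n", zip_read_name(hdr, n, name, sizeof name) == 0 ? name : "rejected");
    return 0;
}
```

A real extractor should also apply the same length validation to the central directory entries, which carry their own copy of the filename length field.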
Apply a patch
The vendor section of this document lists vendors who have been notified of this issue and their responses.
Aladdin Systems Inc. Affected
Apple Computer Inc. Affected
Lotus Development Corporation Affected
Microsoft Corporation Affected
Cray Inc. Not Affected
Fujitsu Not Affected
IBM Not Affected
Juniper Networks Not Affected
NEC Corporation Not Affected
Network Appliance Not Affected
Openwall GNU/*/Linux Not Affected
Sun Microsystems Inc. Not Affected
The SCO Group (SCO Linux) Not Affected
The SCO Group (SCO UnixWare) Not Affected
WinZip Not Affected
Xerox Not Affected
Cisco Systems Inc. Unknown
Compaq Computer Corporation Unknown
Computer Associates Unknown
Data General Unknown
F5 Networks Unknown
Guardian Digital Inc. Unknown
Hewlett-Packard Company Unknown
Internet Security Systems Inc. Unknown
MontaVista Software Unknown
Nortel Networks Unknown
Red Hat Inc. Unknown
Sony Corporation Unknown
SuSE Inc. Unknown
Wind River Systems Inc. Unknown
This vulnerability was reported to the CERT/CC by Rapid7, Inc.
This document was written by Jeffrey P. Lanza.
Date First Published: 2002-10-02
Date Last Updated: 2003-01-06 21:54 UTC