CVE-2004-0333

Description

Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.

Affected products

• gentoo / linux1.4 – 1.4
• gentoo / linux1.4 – 1.4
• gentoo / linux1.4 – 1.4
• gentoo / linux1.4 – 1.4
• openpkg / openpkg
• uudeview / uudeview0.5.19 – 0.5.19
• uudeview / uudeview0.5.18 – 0.5.18
• WinZip / WinZip8.1 – 8.1
• WinZip / WinZip8.1 – 8.1
• WinZip / WinZip8.0 – 8.0
• WinZip / WinZip7.0 – 7.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15490
• MISChttp://www.osvdb.org/4119
• MISChttp://www.securityfocus.com/bid/9758
• VENDOR_ADVISORYhttp://secunia.com/advisories/10995
• MISChttp://www.ciac.org/ciac/bulletins/o-092.shtml
• MISChttp://www.winzip.com/fmwz90.htm
• MISChttp://www.kb.cert.org/vuls/id/116182
• MISChttp://www.openpkg.org/security/OpenPKG-SA-2004.006-uudeview.html
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15336
• MISChttp://www.idefense.com/application/poi/display?id=76&type=vulnerabiliti&flashstatus=true
• VENDOR_ADVISORYhttp://secunia.com/advisories/11019