CVE-2007-4547

Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://osvdb.org/45832
http://securityreason.com/securityalert/3060
http://www.securityfocus.com/archive/1/477432/100/0/threaded
http://www.securityfocus.com/bid/25419

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:::::::*
	cpe:2.3:a:x-diesel:unreal_commander:0.92_build573:::::::*

History

No history.

Information

Published : 2007-08-27 23:17

Updated : 2024-02-04 17:13

NVD link : CVE-2007-4547

Mitre link : CVE-2007-4547

CVE.ORG link : CVE-2007-4547

JSON object : View

Products Affected

x-diesel

unreal_commander

CWE

NVD-CWE-noinfo

{"id": "CVE-2007-4547", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-08-27T23:17:00.000", "references": [{"url": "http://osvdb.org/45832", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3060", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/477432/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25419", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users."}, {"lang": "es", "value": "Unreal Commander 0.92 construcci\u00f3n 565 y 573 escribe porciones de la pila de memoria dentro de los archivos locales cuando estraen de un archivo con informaci\u00f3n de tama\u00f1o malformado en un archivo de cabecera, lo cual permite a atacantes con la intervenci\u00f3n de un usuario obtener informaci\u00f3n sensible (contenido de memoria) a trav\u00e9s de la lectura de los archivos extraidos. NOTA: este asunto es solo una vulnerabilidad si Unteal est\u00e1 funcionando con privilegios, o si los archivos extraidos se han hecho accesibles a otros usuarios."}], "lastModified": "2018-10-15T21:36:03.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E10A135-3DEA-4C76-8BDA-28252FE266E0"}, {"criteria": "cpe:2.3:a:x-diesel:unreal_commander:0.92_build573:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A38B09DC-7E74-49EE-AA19-E9A542932AEF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}