3 results (0.002 seconds)

CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0

uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression. En la biblioteca uulib/uunconc.c en UUDeview versión 0.5.20, como es usado en nzbget versiones anteriores a 0.3.0 y posiblemente en otros productos, permite a usuarios locales sobrescribir archivos arbitrarios por medio de un ataque de tipo symlink sobre un nombre de archivo temporal generado por la función tempnam. NOTA: este puede ser una regresión de CVE-2004-2265. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 http://secunia.com/advisories/30171 http://secunia.com/advisories/31420 http://security.gentoo.org/glsa/glsa-200808-11.xml http://www.openwall.com/lists/oss-security/2008/05/14/10 http://www.openwall.com/lists/oss-security/2008/05/30/1 http://www.securityfocus.com/bid/29211 https://exchange.xforce.ibmcloud.com/vulnerabilities/42407 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. • http://www.securityfocus.com/bid/9857 https://exchange.xforce.ibmcloud.com/vulnerabilities/15492 •

CVSS: 10.0EPSS: 37%CPEs: 11EXPL: 2

Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters. • https://www.exploit-db.com/exploits/272 http://secunia.com/advisories/10995 http://secunia.com/advisories/11019 http://www.ciac.org/ciac/bulletins/o-092.shtml http://www.idefense.com/application/poi/display?id=76&type=vulnerabiliti&flashstatus=true http://www.kb.cert.org/vuls/id/116182 http://www.openpkg.org/security/OpenPKG-SA-2004.006-uudeview.html http://www.osvdb.org/4119 http://www.securityfocus.com/bid/9758 http://www.winzip.com/fmwz90.htm https://exchang •