OVAL Repository - View Definition: oval:org.mitre.oval:def:6397

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:6397		Version: 11 Last Modified: 2011-10-03
Title:	Windows XP (64-Bit) DUNZIP Integer Overflow
Description:	Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0575
Platform(s):	Microsoft Windows XP	Product(s):	Compressed Folders
Definition Synopsis:
Software section Windows XP is installed AND 64-Bit version of Windows is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND the 64-bit WOW version of zipfldr.dll is less than 6.0.2800.1584 AND NOT the patch q873376 is installed (Hotfix key) AND Configuration section Compressed Folders with zipfldr.dll are enabled

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest