CVE-2004-0575

High

10/10

Summary

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

References

Advisory Timeline

Published Nov 03, 2004

CVE-2004-0575

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS