OSVDB ID: 19906

Title: InnerMedia DynaZip DUNZIP32.dll Filename Overflow

Info

Disclosure

Oct 27, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Oct 27, 2004

Description

A remote overflow exists in InnerMedia's DynaZip as used in multiple products. The 'DUNZIP32.DLL' library fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted '.zip' file containing a file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Products

CheckMark Software Inc.	Payroll	3.9.6
		3.9.5
		3.9.4
		3.9.3
		3.9.2
		3.9.1
		3.7.5
	MultiLedger	7.0.1
		7.0.0
		6.0.5
		6.0.3

RealNetworks, Inc.	RealPlayer	10
		10.5 (6.0.12.1053)
		10.5 (6.0.12.1040)
	RealPlayer Beta	10.5 (6.0.12.1016)
	RealOne Player	V2
		v1

Inner Media, Inc.

DynaZip

5.00.03

dtSearch Corporation

dtSearch Desktop with Spider

7.10 (Build 7045)

McAfee, Inc.

VirusScan

10 Build 10.0.21

References

Security Tracker: 1011944 1012297
Bugtraq ID: 11555
Secunia Advisory ID: 12869 17096 17394 18194 19451
ISS X-Force ID: 17879
CVE ID: 2004-1094 (see also: NVD)
SCIP VulDB ID: 2121
CERT VU: 582498
VUPEN Advisory: ADV-2005-2057
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0303.html
http://archives.neohapsis.com/archives/bugtraq/2006-03/0571.html
http://archives.neohapsis.com/archives/bugtraq/2006-09/0073.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1044.html
Other Advisory URL: http://research.eeye.com/html/advisories/published/AD20041027.html
http://www.networksecurity.fi/advisories/dtsearch.html
http://www.networksecurity.fi/advisories/mcafee-virusscan.html
http://www.networksecurity.fi/advisories/multiledger.html
http://www.networksecurity.fi/advisories/payroll.html
http://www.securiteam.com/windowsntfocus/6W00S1PEUO.html
http://www.securiteam.com/windowsntfocus/6Z00W00EAM.html
Vendor URL: http://www.checkmark.com/
http://www.dtsearch.com/
http://www.innermedia.com/
http://www.real.com/
Vendor Specific Advisory URL: http://www.checkmark.com/support/prw_update.php
http://www.service.real.com/help/faq/security/041026_player/EN/
Vendor Specific News/Changelog Entry: http://www.dtsearch.com/ReleaseNotes720.html

Credit

Juha-Matti Laurio - juha-matti.laurionetti.fi -
Yuji Ukai - alerteEye.com - eEye Digital Security

Direct URL: http://osvdb.org/19906

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

CheckMark Software Inc.

Payroll

MultiLedger

RealNetworks, Inc.

RealPlayer

RealPlayer Beta

RealOne Player

Inner Media, Inc.

DynaZip

dtSearch Corporation

dtSearch Desktop with Spider

McAfee, Inc.

VirusScan

References

Credit