OSVDB ID: 19906

Title: InnerMedia DynaZip DUNZIP32.dll Filename Overflow

Dates

Disclosure: Oct 10, 2005
Discovery: Jan 24, 2005
Exploit: Unknown
Solution: Unknown

Description

A remote overflow exists in InnerMedia's DynaZip, which is used in multiple products. The 'DUNZIP32.DLL' library fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted '.zip' file containing a file with an overly long filename, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Products

CheckMark Software Inc.

Payroll

3.9.6
3.9.5
3.9.4
3.9.3
3.9.2
3.9.1
3.7.5

MultiLedger

7.0.1
7.0.0
6.0.5
6.0.3

RealNetworks, Inc.

RealPlayer

10
10.5 (6.0.12.1053)
10.5 (6.0.12.1040)

RealPlayer Beta

10.5 (6.0.12.1016)

RealOne Player

v2
v1

Inner Media, Inc.

DynaZip

5.00.03

dtSearch Corporation

dtSearch Desktop with Spider

7.10 (Build 7045)

McAfee, Inc.

VirusScan

10 Build 10.0.21

Credit

  • Juha-Matti Laurio - juha-matti.laurio@netti.fi
  • Yuji Ukai - alert@eEye.com - eEye Digital Security


Direct URL: http://osvdb.org/36218