Zurück zur CVE-Übersicht
CVE-2020-24175
HIGH(7.8)CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Risk Signal Score20/100 — NIEDRIG
- CVSS 7.8 — Hoch
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.8
Technische Schwere
Beschreibung
Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling.
Referenzen
- https://gist.github.com/illikainen/315a420a9c28cbe882e16b8eba40b2e1
- https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4
- https://illikainen.dev/advisories/014-yz1-izarc
- https://gist.github.com/illikainen/315a420a9c28cbe882e16b8eba40b2e1
- https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4
- https://illikainen.dev/advisories/014-yz1-izarc