Oval Definition:	oval:org.mitre.oval:def:6397
Revision Date: 2011-10-24 Version: 34 Title: Windows XP (64-Bit) DUNZIP Integer Overflow Description: Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0575 Platform(s): Microsoft Windows XP Product(s): Compressed Folders Definition Synopsis Software section Windows XP is installed AND a version of Windows for the ia64 architecture is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND the 64-bit WOW version of zipfldr.dll is less than 6.0.2800.1584 AND NOT the patch q873376 is installed (Hotfix key) AND Configuration section Compressed Folders with zipfldr.dll are enabled
BACK