The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

User Controls

New User

Login

Edit/View My Profile

ActiveMac

Articles

Forums

Links

News

News Search

Reviews

News Centers

Windows/Microsoft

DVD

ActiveHardware

Xbox

MaINTosh

News Search

ANet Chats

The Lobby

Special Events Room

Developer's Lounge

XBox Chat

FAQ's

Windows 98/98 SE

Windows 2000

Windows Me

Windows "Whistler" XP

Windows CE

Internet Explorer 6

Internet Explorer 5

Xbox

DirectX

DVD's

TopTechTips

Registry Tips

Windows 95/98

Windows 2000

Internet Explorer 4

Internet Explorer 5

Windows NT Tips

Program Tips

Easter Eggs

Hardware

DVD

Latest Reviews

Applications

Microsoft Windows XP Professional

Norton SystemWorks 2002

Hardware

Intel Personal Audio Player 3000

Microsoft Wireless IntelliMouse Explorer

Site News/Info

About This Site

Affiliates

ANet Forums

Contact Us

Default Home Page

Link To Us

Links

Member Pages

Site Search

Awards

Credits
©1997/2004, Active Network. All Rights Reserved.
Layout & Design by Designer Dream. Content written by the Active Network team. Please click here for full terms of use and restrictions or read our Privacy Statement.

  *  

  Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)
Time: 01:58 EST/06:58 GMT | News Source: Microsoft | Posted By: Byron Hinson

All three vulnerabilities discussed in this bulletin involve the inclusion of the Sun RPC library in Microsoft’s Services for UNIX (SFU) 3.0 on the Interix SDK. Developers who created applications or utilities using the Sun RPC library from the Interix SDK need to evaluate three vulnerabilities.

Zipped files (files having a .zip extension) provide a means to store information in a way that uses less space on a hard disk. This is accomplished by compressing the files that are put into in the zipped file. On Windows 98 with Plus! Pack, Windows Me and Windows XP, the Compressed Folders feature allows zipped files to be treated as folders. The Compressed Folders feature can be used to create, add files to, and extract files from zipped files.

Two vulnerabilities exist in the Compressed Folders function:

  • An unchecked buffer exists in the programs that handles the decompressing of files from a zipped file. A security vulnerability results because attempts to open a file with a specially malformed filename contained in a zipped file could possibly result in Windows Explorer failing, or in code of the attacker’s choice being run.
  • The decompression function could place a file in a directory that was not the same as, or a child of, the target directory specified by the user as where the decompressed zip files should be placed. This could allow an attacker to put a file in a known location on the users system, such as placing a program in a startup directory

Patch availability

Download locations for this patch

Write Comment
Return to News

  Displaying 726 through 727 of 727
Prev | First 		  The time now is 11:33:16 AM ET.
Any comment problems? E-mail us
#726 By 4240821 (185.100.168.238) at 12/6/2025 11:44:54 AM
https://nsfw.su/activ32d4aahce1
https://sexonly.top/activhbh5f5c4gg
https://smutty.su/activ24e241gb5a
https://lustful.su/activ4121513da2
https://smutty.su/activh4b4b1ha5c
https://sluts.su/activ51a354eh5f
https://sexonly.su/activggde25f452
https://sexonly.top/activc542432g1c
https://sexonly.su/activbgc2bdh52a
https://lustful.su/activddd1db13cb

#727 By 4240821 (185.100.168.238) at 12/7/2025 7:24:18 AM
https://sluts.su/active54afef1dc
https://smutty.su/activ3bc4451f5b
https://smutty.su/activ54fcc3agd3
https://lustful.su/activce3dh24153
https://sluts.su/activh5a4ha55d3
https://lustful.su/activbcd2ggh231
https://sluts.su/active4ef5gd5db
https://sexonly.su/activa5fbg53ghc
https://lustful.su/activ3adg2aba2b
https://lustful.su/activcc4eg2114a

Write Comment
Return to News
  Displaying 726 through 727 of 727
Prev | First 		  The time now is 11:33:16 AM ET.
Any comment problems? E-mail us
User name and password:

 

   *  
  *   *