CVE-2007-5279

PowerArchiver - Heap-Based Buffer Overflow via Long Filename in BlackHole Archive

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive.

References (8)

Core 8
Core References
Patch x_refsource_confirm
http://www.powerarchiver.com/news/
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3378
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25938
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27000
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/jp/JVN%2361323184/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36969
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/41552

Scores

EPSS 0.0476
EPSS Percentile 90.9%

Details

CWE
CWE-119
Status published
Products (6)
conexware/powerarchiver 8.10
conexware/powerarchiver 8.60
conexware/powerarchiver 9.5_beta_4
conexware/powerarchiver 9.5_beta_5
conexware/powerarchiver 9.25
conexware/powerarchiver 9.62.03
Published Oct 09, 2007
Tracked Since Feb 18, 2026