CVE-2004-1094:Buffer overflow vulnerability in InnerMedia DynaZip DUNZIP32.dll allows remote attackers to execute arbitrary code via a specially crafted ZIP file.

Description

A buffer overflow vulnerability exists in InnerMedia DynaZip DUNZIP32.dll version 5.00.03 and earlier. Remote attackers can trigger it with a ZIP archive that contains an entry with a long filename, and successful exploitation can lead to arbitrary code execution. The issue has been demonstrated in various applications that bundle the library, including RealPlayer 10 through RealPlayer 10.5, RealOne Player, CheckMark Software Payroll, CheckMark MultiLedger, dtSearch, McAfee VirusScan, and IBM Lotus Notes, among others. It remains unclear whether this vulnerability is the same as CVE-2004-0575, although the data manipulations involved are similar.

Overview

  • CVE ID: CVE-2004-1094
  • Date Published: December 1, 2004
  • Affected Software: InnerMedia DynaZip DUNZIP32.dll version 5.00.03 and earlier
  • Vulnerability Type: Buffer Overflow
  • Impact: Remote code execution
  • Affected Applications: Various applications utilizing DUNZIP32.dll, including:
    • RealPlayer 10 through 10.5
    • RealOne Player
    • CheckMark Software Payroll 2004/2005
    • CheckMark MultiLedger
    • dtSearch 6.x and 7.x
    • McAfee VirusScan 10 Build 10.0.21 and earlier
    • IBM Lotus Notes before 6.5.5

Remediation

To mitigate the risk associated with this vulnerability, users and administrators should:

  1. Update Software: Ensure that all applications using DUNZIP32.dll are updated to the latest versions that contain patches for this vulnerability.
  2. Monitor and Restrict File Uploads: Inspect incoming ZIP archives and reject any that contain entries with long filenames before they reach software that extracts them with DUNZIP32.dll.
  3. Implement Security Controls: Utilize security measures such as intrusion detection systems (IDS) and firewalls to monitor for suspicious activities related to this vulnerability.
  4. Educate Users: Train users to recognize potential phishing attempts or malicious files that could exploit this vulnerability.
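
As an added illustration of remediation step 2 (this code is not from the advisory or from any of the vendors listed above), the following Python walks a ZIP archive's central directory by hand and flags entries whose filename-length fields exceed a threshold. Parsing the raw headers rather than trusting a ZIP library means the check sees the same length fields an extractor would read; both the central-directory and local-header copies are checked because a crafted archive can make them disagree. The 255-byte limit and the constructed sample archive are assumptions for illustration, since the page does not state the size of the buffer DUNZIP32.dll overruns.

```python
import io
import struct
import zipfile

# Assumed threshold for illustration; the advisory does not give the real
# buffer size, so a conservative limit is used.
MAX_NAME_LEN = 255

EOCD_SIG = b"PK\x05\x06"   # End of Central Directory record
CDFH_SIG = b"PK\x01\x02"   # Central Directory File Header
LFH_SIG = b"PK\x03\x04"    # Local File Header


def long_zip_names(data: bytes, limit: int = MAX_NAME_LEN) -> list:
    """Return (central_len, local_len, name_prefix) for every entry whose
    filename is longer than `limit` bytes in either header copy."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no End of Central Directory record")
    # EOCD layout: total entry count at +10, CD size at +12, CD offset at +16
    n_total, _cd_size, cd_offset = struct.unpack_from("<HII", data, eocd + 10)
    pos, flagged = cd_offset, []
    for _ in range(n_total):
        if data[pos:pos + 4] != CDFH_SIG:
            raise ValueError(f"bad central directory header at offset {pos}")
        # CDFH: name/extra/comment lengths at +28/+30/+32, LFH offset at +42
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        lfh_off = struct.unpack_from("<I", data, pos + 42)[0]
        local_len = 0
        if data[lfh_off:lfh_off + 4] == LFH_SIG:
            local_len = struct.unpack_from("<H", data, lfh_off + 26)[0]  # LFH name length
        if max(name_len, local_len) > limit:
            name = data[pos + 46:pos + 46 + name_len]
            flagged.append((name_len, local_len, name[:16].decode("latin-1")))
        pos += 46 + name_len + extra_len + comment_len
    return flagged


def build_sample_zip(name_len: int) -> bytes:
    """Constructed sample input: a one-member archive whose filename is
    exactly name_len bytes of 'a'; the member content is harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("a" * name_len, b"sample content")
    return buf.getvalue()


if __name__ == "__main__":
    for n in (20, 1000):
        print(n, long_zip_names(build_sample_zip(n)))
```

An upload gateway would call long_zip_names on the received bytes and reject the archive when the list is non-empty.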

References

  1. dtSearch DUNZIP32.dll Buffer Overflow Vulnerability - SecurityFocus
  2. CVE-2004-1094 at SecurityTracker
  3. RealPlayer Zipped Skin File Buffer Overflow - EEYE
  4. X-Force Vulnerability Database Entry
  5. OSVDB Entry
  6. VUPEN Advisory
  7. High Risk Vulnerability in RealPlayer
  8. IBM Lotus Notes Advisory
  9. McAfee VirusScan Advisory
  10. CERT Vulnerability Note

These references provide further details on the vulnerability, its impact, and potential mitigations.

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing: Low
  2. Accommodation & Food Services: Low
  3. Administrative, Support, Waste Management & Remediation Services: Low
  4. Agriculture, Forestry, Fishing & Hunting: Low
  5. Arts, Entertainment & Recreation: Low
  6. Construction: Low
  7. Educational Services: Low
  8. Finance and Insurance: Low
  9. Health Care & Social Assistance: Low
  10. Information: Low
  11. Management of Companies & Enterprises: Low
  12. Mining: Low
  13. Other Services (except Public Administration): Low
  14. Professional, Scientific, & Technical Services: Low
  15. Public Administration: Low
  16. Real Estate Rental & Leasing: Low
  17. Retail Trade: Low
  18. Transportation & Warehousing: Low
  19. Utilities: Low
  20. Wholesale Trade: Low

Armis Vulnerability Intelligence Database