icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Beyond Compare < 3.1.11 Zip File Buffer Overflow

Medium

Synopsis

The remote host contains an application that is vulnerable to a buffer overflow attack.

Description

The remote host contains Beyond Compare, a file comparison application. The installed version of Beyond Compare is earlier than 3.1.11. Such version are potentially affected by a buffer overflow vulnerability when handling zip files with an overly large filename. An attacker, exploiting this flaw, could potentially execute arbitrary code on the remote host subject to the privileges of the user running the application.

Solution

Upgrade to Beyond Compare 3.1.11 or later.