Beyond Compare Zip File Buffer Overflow

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
a buffer overflow vulnerability.

Description :

The version of Beyond Compare installed on the remote Windows host is
earlier than 3.1.11. Such versions are potentially affected by a
buffer overflow vulnerability when handling zip files with an overly
large filename. An attacker, exploiting this flaw, could potentially
execute arbitrary code on the remote host subject to the privileges of
the user running the application.

See also :

http://www.nessus.org/u?8ad65be8

Solution :

Upgrade to Beyond Compare 3.1.11 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 46242 (beyond_compare_zip_buffer_overflow.nasl)

Bugtraq ID: 39907

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now