Beyond Compare < 3.1.11 Zip File Buffer Overflow

Medium Nessus Network Monitor Plugin ID 5529


The remote host contains an application that is vulnerable to a buffer overflow attack.


The remote host contains Beyond Compare, a file comparison application. The installed version of Beyond Compare is earlier than 3.1.11. Such version are potentially affected by a buffer overflow vulnerability when handling zip files with an overly large filename. An attacker, exploiting this flaw, could potentially execute arbitrary code on the remote host subject to the privileges of the user running the application.


Upgrade to Beyond Compare 3.1.11 or later.

See Also

Plugin Details

Severity: Medium

ID: 5529

File Name: 5529.prm

Family: Web Clients

Published: 2010/05/06

Modified: 2016/02/05

Dependencies: 1735, 8314

Nessus ID: 46242

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND


Base Score: 5.6

Temporal Score: 5.4


Temporal Vector: CVSS3#E:F/RL:U/RC:X

Vulnerability Information

Patch Publication Date: 2010/04/28

Vulnerability Publication Date: 2010/04/05

Reference Information

BID: 39907