Beyond Compare < 3.1.11 Zip File Buffer Overflow
Medium Nessus Network Monitor Plugin ID 5529
SynopsisThe remote host contains an application that is vulnerable to a buffer overflow attack.
DescriptionThe remote host contains Beyond Compare, a file comparison application. The installed version of Beyond Compare is earlier than 3.1.11. Such version are potentially affected by a buffer overflow vulnerability when handling zip files with an overly large filename. An attacker, exploiting this flaw, could potentially execute arbitrary code on the remote host subject to the privileges of the user running the application.
SolutionUpgrade to Beyond Compare 3.1.11 or later.