{"vuid":"VU#649374","idnumber":"649374","name":"Microsoft Windows processing of zip files contains a buffer overflow","keywords":["Microsoft Windows","remote code execution","zip","MS04-034","873376","compressed folder","archive"],"overview":"A buffer overflow exists in the way Microsoft Windows processes zip files that may allow remote code execution.","clean_desc":"Microsoft Windows XP and Windows Server 2003 feature the ability to natively handle zip files. Microsoft has released bulletin MS04-034 describing a remotely exploitable buffer overflow vulnerability in the way Windows handles zip files. According to MS04-034: A remote code execution vulnerability exists in Compressed (zipped) Folders because of an unchecked buffer in the way that it handles specially crafted compressed files. An attacker could exploit the vulnerability by constructing a malicious compressed file that could potentially allow remote code execution if a user visited a malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability. For further technical information about this vulnerability, please see Microsoft Security Bulletin MS04-034.","impact":"If a remote attacker can persuade a user to access a specially crafted zip file, the attacker may be able to execute arbitrary code on that user's system, possibly with administrator privileges.","resolution":"Apply Patch Apply a patch as described in Microsoft Security Bulletin MS04-034. Please also note that Microsoft is actively deploying the patches for this vulnerability via Windows Update. Do Not Accept Zip Files from Untrusted Sources Exploitation occurs by accessing a specially crafted zip file (.zip extension). By only accessing zip files from trusted or known sources, the chances of exploitation are reduced. For more details regarding remediation of this issue please see Microsoft Security Bulletin MS04-034.","workarounds":"","sysaffected":"","thanks":"Microsoft has published Microsoft Security Bulletin \nMS04-034\n to address this vulnerability. Microsoft credits \neEye Digital Security\n for reporting this vulnerability.","author":"This document was written by Jeff Gennari.","public":["http://www.microsoft.com/technet/security/bulletin/MS04-034.mspx","http://securitytracker.com/alerts/2004/Oct/1011637.html"],"cveids":["CVE-2004-0575"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-10-12T20:09:58Z","publicdate":"2004-10-12T00:00:00Z","datefirstpublished":"2004-10-13T14:24:21Z","dateupdated":"2004-10-14T15:10:07Z","revision":101,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"6","cam_population":"15","cam_impact":"17","cam_easeofexploitation":"15","cam_attackeraccessrequired":"18","cam_scorecurrent":"27.1096875","cam_scorecurrentwidelyknown":"33.564375","cam_scorecurrentwidelyknownexploited":"59.383125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":27.1096875,"vulnote":null}