MidnightBSD

Advisories for speedproject

CVE-2005-3831 MEDIUM

Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
speedproject speedcommander 11.0_build4430
speedproject squeez 5.0_build_4285
speedproject speedcommander 10.51_build4430
speedproject zipstar 5.0_build_4285
CVE-2005-3832 MEDIUM

Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
speedproject speedcommander 11.0_build4430
speedproject squeez 5.0_build_4285
speedproject speedcommander 10.51_build4430
CVE-2006-0890 MEDIUM

Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipulations in a (1) JAR or (2) ZIP archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
speedproject squeez 5.1
speedproject speedcommander 11.01_build4450
speedproject zipstar 5.1
CVE-2006-2085 MEDIUM

Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
speedproject speedcommander 11.01_build4450
speedproject squeez 5.10_build_4460
speedproject speedcommander 10.52_build4450