Lucene search

[email protected]CVE-2010-1688

HistoryMay 24, 2010 - 7:30 p.m.

CVE-2010-1688

2010-05-2419:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-1688

buffer overflow

2brightsparks syncback

remote code execution

nvd

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.288 Low

EPSS

Percentile

96.9%

JSON

Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile.

CPENameOperatorVersion
2brightsparks:syncback2brightsparks syncbackeq3.2.20.0

CPE	Name	Operator	Version
2brightsparks:syncback	2brightsparks syncback	eq	3.2.20.0

References

osvdb.org/64752

secunia.com/advisories/39865

www.2brightsparks.com/freeware/changes.html

www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-041-syncback-freeware-v3-2-20-0/

www.corelan.be:8800/wp-content/forum-file-uploads/lincoln/syncbackup.rb_.txt

www.securityfocus.com/bid/40311

exchange.xforce.ibmcloud.com/vulnerabilities/58727

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.288 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2010-1688

prion1 kaspersky1 openvas2 nessus1 cvelist1