1. Home
  2. CVE Database
  3. CVE-2006-2482
MEDIUM · 6.8

CVE-2006-2482

Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, ...

Vulnerability Description

Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, allows user-assisted attackers to execute arbitrary code via an ARJ archive with a long header. NOTE: the ACE archive vector is covered by CVE-2005-2856.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Microchip Data SystemsZiptv For C\+\+ Builder2006.1.16
Microchip Data SystemsZiptv For Delphi 72006.1.26
PentawarePentasuite-Pro8.5.1.221
PentawarePentazip8.5.1.190

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2006-2482?

CVE-2006-2482 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, ...

How severe is CVE-2006-2482?

CVE-2006-2482 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-2482?

Check the references section above for vendor advisories and patch information. Affected products include: Microchip Data Systems Ziptv For C\+\+ Builder, Microchip Data Systems Ziptv For Delphi 7, Pentaware Pentasuite-Pro, Pentaware Pentazip.