uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Max CVSS
4.4
EPSS Score
0.04%
Published
2008-05-16
Updated
2017-08-08
UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
Max CVSS
10.0
EPSS Score
34.50%
Published
2004-11-23
Updated
2017-07-11
3 vulnerabilities found