CVE-2004-1094: CVE-2004-1094

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-1094

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

InnerMedia DUNZIP32.dll 栈溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

DUNZIP32.dll是一个较流行的压缩库。 InnerMedia DynaZip DUNZIP32.dll 5.00.03及之前版本中存在缓冲区溢出漏洞。由于在解压包含有超长文件名的zip文件时存在溢出，攻击者可利用此漏洞执行任意代码。多个使用DUNZIP32.dll的软件均受此影响，包括Realplayer、RealOne、CheckMark Multiledger、McAfee及IBM Lotus Notes。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2004-1094

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2004-1094

Please Login to view more intelligence information

http://www.networksecurity.fi/advisories/lotus-notes.htmlx_refsource_MISC
http://www.networksecurity.fi/advisories/dtsearch.htmlx_refsource_MISC
http://www.networksecurity.fi/advisories/multiledger.htmlx_refsource_MISC
http://www.networksecurity.fi/advisories/mcafee-virusscan.htmlx_refsource_MISC
http://www.securiteam.com/windowsntfocus/6Z00W00EAM.htmlx_refsource_MISC
🔗 http://service.real.com/help/faq/security/041026_player/EN/x_refsource_CONFIRM
🔗 http://www.networksecurity.fi/advisories/payroll.htmlx_refsource_MISC
http://securityreason.com/securityalert/296third-party-advisoryx_refsource_SREASON
http://securityreason.com/securityalert/653third-party-advisoryx_refsource_SREASON
🔗 http://secunia.com/advisories/17394third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/11555vdb-entryx_refsource_BID
http://www.osvdb.org/19906vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/17096third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19451third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18194third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1011944vdb-entryx_refsource_SECTRACK
http://securitytracker.com/id?1012297vdb-entryx_refsource_SECTRACK
http://securitytracker.com/id?1016817vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/582498third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2005/2057vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/1176vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/22737vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/17879vdb-entryx_refsource_XF
🔗 http://marc.info/?l=bugtraq&m=109894226007607&w=2mailing-listx_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1044.htmlmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/420274/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/445369/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/429361/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2004-1094

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2004-1094

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2004-1094

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2004-1094

III. Intelligence Information for CVE-2004-1094

IV. Related Vulnerabilities

V. Comments for CVE-2004-1094

Leave a comment