漏洞信息详情
Gamespy Arcade GSAPAK.EXE .APK提取文件破坏漏洞
- CNNVD编号:CNNVD-200308-145
- 危害等级: 高危
- CVE编号: CVE-2003-0650
- 漏洞类型: 路径遍历
- 发布时间: 2003-08-27
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: gamespy
- 漏洞来源: .');">The discovery of t...
漏洞简介
可能GameSpy Arcade 1.3e之前版本的GSAPAK.EXE存在目录遍历漏洞。远程攻击者可以借助.APK (Zip)文件文件名中的..(点 点)序列覆盖任意文件并执行任意代码。
漏洞公告
It has been reported that a patch to address this issue is currently being developed and is scheduled for release in the near future. However, this information has not been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
参考网址
来源: BID 名称: 8309 链接:http://www.securityfocus.com/bid/8309 来源: www.gamespyarcade.com 链接:http://www.gamespyarcade.com/features/versions.sHTML 来源: BUGTRAQ 名称: 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105958779017085&w=2 来源: VULNWATCH 名称: 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability 链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0064.HTML
受影响实体
- Gamespy Arcade:1.3e
补丁
暂无
评论