CVE-2014-2720 (GCVE-0-2014-2720)

Vulnerability from cvelistv5 – Published: 2014-05-27 10:00 – Updated: 2024-08-06 10:21
VLAI?
Summary
IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.xchg.info/?p=418 x_refsource_MISC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:21:36.162Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.xchg.info/?p=418"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IZArc 4.1.8 displays a file\u0027s name on the basis of a ZIP archive\u0027s Central Directory entry, but launches this file on the basis of a ZIP archive\u0027s local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-05-27T05:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.xchg.info/?p=418"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-2720",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IZArc 4.1.8 displays a file\u0027s name on the basis of a ZIP archive\u0027s Central Directory entry, but launches this file on the basis of a ZIP archive\u0027s local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.xchg.info/?p=418",
              "refsource": "MISC",
              "url": "http://www.xchg.info/?p=418"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-2720",
    "datePublished": "2014-05-27T10:00:00",
    "dateReserved": "2014-04-01T00:00:00",
    "dateUpdated": "2024-08-06T10:21:36.162Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:izarc:izarc:4.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"835D58E5-EAA2-4A25-8CB4-B2D9C9447F55\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"IZArc 4.1.8 displays a file\u0027s name on the basis of a ZIP archive\u0027s Central Directory entry, but launches this file on the basis of a ZIP archive\u0027s local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header.\"}, {\"lang\": \"es\", \"value\": \"IZArc 4.1.8 muestra el nombre de un archivo bas\\u00e1ndose en la entrada del directorio central de un archivo ZIP, pero lanza este archivo bas\\u00e1ndose en la cabecera de archivo local de un archivo ZIP, lo que permite a atacantes remotos asistidos por usuario realizar ataques de falsificaci\\u00f3n de extensi\\u00f3n de archivo a trav\\u00e9s de un directorio central modificado, tal y como fue demostrado por la ejecuci\\u00f3n de c\\u00f3digo no intencionada solicitada por una extensi\\u00f3n .jpg en el directorio central y una extensi\\u00f3n .exe en la cabecera de archivo local.\"}]",
      "id": "CVE-2014-2720",
      "lastModified": "2024-11-21T02:06:49.993",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2014-05-27T11:15:39.140",
      "references": "[{\"url\": \"http://www.xchg.info/?p=418\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.xchg.info/?p=418\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2720\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-05-27T11:15:39.140\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IZArc 4.1.8 displays a file\u0027s name on the basis of a ZIP archive\u0027s Central Directory entry, but launches this file on the basis of a ZIP archive\u0027s local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attacks via a modified Central Directory, as demonstrated by unintended code execution prompted by a .jpg extension in the Central Directory and a .exe extension in the local file header.\"},{\"lang\":\"es\",\"value\":\"IZArc 4.1.8 muestra el nombre de un archivo bas\u00e1ndose en la entrada del directorio central de un archivo ZIP, pero lanza este archivo bas\u00e1ndose en la cabecera de archivo local de un archivo ZIP, lo que permite a atacantes remotos asistidos por usuario realizar ataques de falsificaci\u00f3n de extensi\u00f3n de archivo a trav\u00e9s de un directorio central modificado, tal y como fue demostrado por la ejecuci\u00f3n de c\u00f3digo no intencionada solicitada por una extensi\u00f3n .jpg en el directorio central y una extensi\u00f3n .exe en la cabecera de archivo local.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:izarc:izarc:4.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"835D58E5-EAA2-4A25-8CB4-B2D9C9447F55\"}]}]}],\"references\":[{\"url\":\"http://www.xchg.info/?p=418\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.xchg.info/?p=418\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.