1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: TUGZip CVE-2008-4779 2

Attack: TUGZip CVE-2008-4779 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in TUGZip application.

Additional Information

TUGZip is a file-archiving application for Microsoft Windows platforms.

The application is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability occurs when handling specially crafted ZIP files.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Affected

  • TUGZip 3.5
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube