CVE-2007-4547

N/A Unknown
Published: August 27, 2007 Modified: April 23, 2026
View on NVD

Description

Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/45832
Source: cve@mitre.org
http://securityreason.com/securityalert/3060
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/477432/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/25419
Source: cve@mitre.org
http://osvdb.org/45832
Source: af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/3060
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/477432/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/25419
Source: af854a3a-2127-422b-91ae-364da2661108

8 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.3%
66th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

x-diesel