VDB
GCVE-110-CERTCC-2016-862384
GCVE-110-CERTCC-2016-862384
Advisory PublishedCVSS 6.8/10
An attacker may be able to coerce a user into executing arbitrary code in the context of the current user by attempting to unzip a crafted zip file provided by the attacker.
Risk Scores
CVSS 2.0
6.8/10
Medium · AV:N/AC:M/Au:N/C:P/I:P/A:P
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_impact2d1_population2d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score6.1remediation_levelUreport_confidenceCenvironmental_score4.60507672760625target_distributionMenvironmental_vectorCDP:ND/TD:M/CR:ND/IR:ND/AR:ND
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.