Winzip Multiple Buffer Overflow Vulnerabilities

Discussion in 'other security issues & news' started by ronjor, Sep 2, 2004.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Description:
    Multiple vulnerabilities has been reported in Winzip, which potentially can be exploited to compromise a user's system.

    1) Some unspecified vulnerabilities which can be exploited to cause buffer overflows. Successful exploitation can potentially lead to execution of arbitrary code.

    2) A problem caused due to insufficient validation of command-line arguments. This can be exploited by using a specially crafted argument to cause a buffer overflow and potentially execute arbitrary code.

    Solution:
    Update to 9.0 SR-1:
    http://www.winzip.com/upgrade.htm

    Provided and/or discovered by:
    Reported by vendor.

    Secunia
     
Loading...
Thread Status:
Not open for further replies.