Bugtraq mailing list archives
WinZip Unspecified Buffer Overflows May Let Remote or Local Users Execute Arbitrary Code
From: "Jérôme" ATHIAS <jerome.athias () caramail com>
Date: 2 Sep 2004 04:36:10 -0000
Date: Wed, 1 Sep 2004 07:31:24 -0400 Subject: http://www.winzip.com/wz90sr1.htm WinZip reported discovering some vulnerabilities, including potential buffer overflows, during an internal review of the WinZip code. In addition, a WinZip user discovered a buffer overflow, where a local user can supply a specially crafted WinZip command line to trigger the overflow. A fix (9.0 SR-1) is available at: http://www.winzip.com/upgrade.htm ------------------------------------------ I don't have more informations. You can just check http://www.securitytracker.com/alerts/2004/Sep/1011132.html Regards. Jérôme
Current thread:
- WinZip Unspecified Buffer Overflows May Let Remote or Local Users Execute Arbitrary Code Jérôme (Sep 02)