• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WinZip WZFileView.FileViewCtrl.61 ActiveX Control Multiple Remote Code Execution Vulnerabilities

WinZip is prone to multiple remote code-execution vulnerabilities in an ActiveX control that is installed with the package.

Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.

WinZip versions in the 10.0 series prior to build 7245 are vulnerable to these issues.