BugTraq
Back to list
|
Post reply
WinZip Unspecified Buffer Overflows May Let Remote or Local Users Execute Arbitrary Code
Sep 02 2004 04:36AM
Jérôme ATHIAS (jerome athias caramail com)
Date: Wed, 1 Sep 2004 07:31:24 -0400
Subject: http://www.winzip.com/wz90sr1.htm
WinZip reported discovering some vulnerabilities, including potential buffer
overflows, during an internal review of the WinZip code. In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.
A fix (9.0 SR-1) is available at:
http://www.winzip.com/upgrade.htm
------------------------------------------
I don't have more informations.
You can just check
http://www.securitytracker.com/alerts/2004/Sep/1011132.html
Regards.
Jérôme
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Date: Wed, 1 Sep 2004 07:31:24 -0400
Subject: http://www.winzip.com/wz90sr1.htm
WinZip reported discovering some vulnerabilities, including potential buffer
overflows, during an internal review of the WinZip code. In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.
A fix (9.0 SR-1) is available at:
http://www.winzip.com/upgrade.htm
------------------------------------------
I don't have more informations.
You can just check
http://www.securitytracker.com/alerts/2004/Sep/1011132.html
Regards.
Jérôme
[ reply ]