View Full Version : WinZip flaw, allows code execution.


kronas
28-02-2004, 19:52
Users are being warned of a flaw in the popular client WinZip that could allow arbitrary code execution when using the program to process archives.

Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code.

The problem specifically exists in the UUDeview package which is used to support various decoding routines. When providing long strings to certain parameters of MIME archives (.mim, .uue, .uu, .b64, .bhx, .hqx and .xxe extensions) WinZip will crash referencing an "internal error in file misc.c line 132". Analysis of the log file created by WinZip upon crash reveals that exploitation is plausible.


Source: iDefense http://www.idefense.com/application/poi/display?id=76&type=vulnerabilities&flashstatus=false

The issue has been fixed in version 9.0.

http://www.winzip.com/
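
Added example (not part of the original post or the iDefense advisory): a gateway-side triage check that flags files with the listed extensions when a MIME header parameter value is unusually long. The advisory does not name the affected parameters, so every parameter is checked; the 255-byte threshold and all function names are assumptions.

```python
import os
import re

# Extensions the advisory lists for the affected MIME decoding path.
MIME_EXTS = {".mim", ".uue", ".uu", ".b64", ".bhx", ".hqx", ".xxe"}
MAX_PARAM_LEN = 255  # assumed triage threshold, not a value from the advisory

# name=value or name="value"; an unterminated quote runs to end of line.
PARAM_RE = re.compile(rb'[;\s]([\w*-]+)\s*=\s*("(?:[^"\\]|\\.)*"?|[^;\s"]+)')

def should_scan(filename):
    return os.path.splitext(filename)[1].lower() in MIME_EXTS

def header_lines(data):
    """Yield unfolded header lines of the message and of each multipart part."""
    in_header, current = True, b""
    for raw in data.splitlines():
        if raw.startswith(b"--"):            # boundary: part headers follow
            in_header, pending, current = True, current, b""
        elif not in_header:
            continue                         # body data is not parsed
        elif not raw.strip():                # blank line ends a header block
            in_header, pending, current = False, current, b""
        elif raw[:1] in b" \t" and current:  # folded continuation line
            current, pending = current + b" " + raw.strip(), b""
        else:
            pending, current = current, raw
        if pending:
            yield pending
    if current:
        yield current

def oversized_params(data, limit=MAX_PARAM_LEN):
    """Return (header, parameter, length) for each value longer than limit."""
    findings = []
    for line in header_lines(data):
        header, _, rest = line.partition(b":")  # no colon: rest is empty
        for m in PARAM_RE.finditer(rest):
            value = m.group(2).strip(b'"')
            if len(value) > limit:
                findings.append((header.decode("latin-1"),
                                 m.group(1).decode("latin-1"), len(value)))
    return findings

# Constructed sample: one part whose "name" parameter is 600 bytes long.
SAMPLE = (b'MIME-Version: 1.0\r\n'
          b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n--b1\r\n'
          b'Content-Type: application/octet-stream;\r\n'
          b'\tname="' + b"A" * 600 + b'"\r\n\r\naGVsbG8=\r\n--b1--\r\n')
```

Calling `oversized_params(SAMPLE)` reports the folded `name` parameter; a hit is a reason to quarantine the file for review, not proof of an exploit attempt.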

DrAwesome
28-02-2004, 20:07
Good job I use WinRAR :)