SAINT CorporationSAINT:44E2EB21EAE9B4E1857CF5C4CB660C25ESTsoft ALZip MIM File Handling Buffer Overflow
EPSS
Percentile
98.1%
Added: 08/09/2011
CVE: CVE-2011-1336
BID: 48493
OSVDB: 73684
Background
ESTsoft ALZip is a Windows-based file compression program that can unzip 40 different zip file archives. ALZip can zip files into 8 different archives such as ZIP, EGG, TAR and others.
Problem
ESTsoft ALZip 8.21 and earlier is vulnerable to a stack buffer overflow in **libETC.dll** due to improper parsing of the **filename** or **name** parameter within **MIM** file headers if an overly long filename is provided. A remote attacker can exploit this vulnerability to execute arbitrary code by enticing a user to open a specially crafted **MIM** file in a vulnerable version of ALZip.
Resolution
Upgrade to the 2011-06-09 release of ESTsoft ALZip version 8.21 (fixed without ersion number change), or a higher version.
References
<http://secunia.com/advisories/45108/>
Limitations
Exploit works on ESTsoft ALZip 8.12 and the target user must open the exploit file in a vulnerable version of ALZip.
Platforms
Windows
Related
