ESTsoft ALZip MIM File Buffer Overflow (CVE-2011-1336)

A remote code execution vulnerability has been reported in ESTsoft's ALZip. The vulnerability is due to an error while parsing MIME files. A remote attacker may exploit this vulnerability by sending a specially crafted .mim file to an affected user. Successful exploitation of this vulnerability...

ESTsoft ALZip MIM File Handling Buffer Overflow

Added: 08/09/2011 CVE: CVE-2011-1336 BID: 48493 OSVDB: 73684 Background ESTsoft ALZip is a Windows-based file compression program that can unzip 40 different zip file archives. ALZip can zip files into 8 different archives such as ZIP, EGG, TAR and others. Problem ESTsoft ALZip 8.21 and earlier i...

ALZip MIM File Processing Buffer Overflow Vulnerability

This host has ALZip installed and is prone to buffer overflow vulnerability. Vulnerabilities Insight: The flaw is due to an error in libETC.dll when processing the 'filename' field within MIM files. OpenVAS Vulnerabilities Test $Id: gbalzipmimbofvuln.nasl 6969 2017-08-21 05:56:59Z asteins $ ALZip...

CVE-2011-1336

CVE-2011-1336 affects ESTsoft ALZip ≤ 8.21. The vulnerability is a stack buffer overflow in the libETC.dll caused by parsing the filename/name fields in MIM headers. A remote attacker can trigger arbitrary code execution by convincing a user to open a crafted MIM file. Remediation: upgrade to ALZ...