CVE-2014-2720
IZArc 4.1.8 is vulnerable due to a mismatch between ZIP Central Directory data (file name) and the Local File Header used to launch the file. This allows user‑assisted remote attackers to perform file‑extension spoofing that can lead to unintended code execution, demonstrated when a .jpg in the C...