Lucene search
K

225 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/09/17 12:0 a.m.7 views

WinZip Mark-of-the-Web Bypass Vulnerability

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS6.8AI score0.00386EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.6 views

PT-2025-6402 · Winzip · Winzip

Name of the Vulnerable Software and Affected Versions: WinZip versions prior to 29.0 Description: A vulnerability exists in WinZip’s 7Z file parsing functionality, allowing for remote code execution. This issue stems from insufficient validation of user-supplied data during the parsing of 7Z file...

8.8CVSS8.1AI score0.10304EPSS
Exploits0References24
ThreatPost
ThreatPost
added 2021/03/11 6:58 p.m.68 views

NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic

A spate of malicious emails with attachments delivering the NanoCore remote access trojan RAT is evading anti-malware and email scanners by abusing the .ZIPX file format. That’s according to researchers at Trustwave, who found that the campaign is effectively hiding a malicious executable by givi...

7.4AI score
Exploits0References6
HackRead
HackRead
added 2020/12/10 5:19 p.m.31 views

Free WinZip trial popup vulnerability lets hackers drop malware

By Sudais Asif Other than malware delivery; WinZip vulnerability also lets hackers carry out arbitrary code execution. Find out what else can be done. This is a post from HackRead.com Read the original post: Free WinZip trial popup vulnerability lets hackers drop malware...

4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/01/06 9:39 p.m.13 views

store.winzip.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-494169 Description| Value ---|--- Affected Website:| store.winzip.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on ISO...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/01/04 7:27 p.m.11 views

winzip-cgn.cleverbridge.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-485237 Description| Value ---|--- Affected Website:| winzip-cgn.cleverbridge.com Vulnerable Application:| hidden until disclosure Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| hidden until disclosure Disclosure Standard:| Coordinated Disclosure based on ISO...

6.7AI score
Exploits0
n0where
n0where
added 2017/07/03 6:35 p.m.102 views

Archive Cryptography: unarcrypto

Archive Cryptography unarcrypto.py is an educational tool to depict the use of cryptography for password verification, headers and content encryption by popular archivers: zip, 7zip, rar v3 and v5. Supported archives format, encryption and compression algorithms: zip password protected or not,...

1AI score
Exploits0References2
hackapp
hackapp
added 2016/04/01 9:22 a.m.24 views

WinZip – Zip UnZip Tool - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application WinZip – Zip UnZip Tool published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/10/24 12:0 a.m.148 views

WinZip Unsupported Version Detection

According to its self-reported version number, the installation of WinZip on the remote Windows host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenabl...

7.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/24 12:0 a.m.27 views

WinZip Unsupported (Mac OS X)

According to its self-reported version number, the installation of WinZip on the remote Mac OS X host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenab...

7.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/24 12:0 a.m.17 views

WinZip Installed (Mac OS X)

Binary data macosxwinzipinstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/24 12:0 a.m.14 views

WinZip Installed

Binary data winzipinstalled.nbin...

7.3AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow

No description provided by source. $Id: winzipfileview.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit

No description provided by source. / WinZip Command Line Local Buffer Overflow http://securitytracker.com/alerts/2004/Sep/1011132.html http://www.winzip.com/wz90sr1.htm Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan / / Tested with...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

WinZIP <= 10.0.7245 (FileView ActiveX Control) Stack Overflow PoC

No description provided by source. !-- WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability -- prdelka -- HTML HEAD TITLE/TITLE /HEAD BODY SCRIPT LANGUAGE=VBScript !-- Sub WZFILEVIEWOnAfterItemAddItem WZFILEVIEW.FilePattern =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Winzip 15.0 WZFLDVW.OCX IconIndex Property Denial of Service

No description provided by source. Exploit Title: Winzip WZFLDVW.OCX IconIndex property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service

No description provided by source. Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit

No description provided by source. / WinZip = 10.0.7245 FileView ActiveX buffer overflow exploit ============================================================ A vulnerability has been identified within Winzip that allows remote attackers to execute arbitrary code. User interaction is required to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

WinZip 9.0 Command Line Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22020/info WinZip is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it into an insufficiently sized buffer. An attacker may exploit this issu...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)

No description provided by source. !-- prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy of...

7.1AI score
Exploits0
Rows per page
Query Builder