225 matches found
WinZip Mark-of-the-Web Bypass Vulnerability
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
PT-2025-6402 · Winzip · Winzip
Name of the Vulnerable Software and Affected Versions: WinZip versions prior to 29.0 Description: A vulnerability exists in WinZip’s 7Z file parsing functionality, allowing for remote code execution. This issue stems from insufficient validation of user-supplied data during the parsing of 7Z file...
NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic
A spate of malicious emails with attachments delivering the NanoCore remote access trojan RAT is evading anti-malware and email scanners by abusing the .ZIPX file format. That’s according to researchers at Trustwave, who found that the campaign is effectively hiding a malicious executable by givi...
Free WinZip trial popup vulnerability lets hackers drop malware
By Sudais Asif Other than malware delivery; WinZip vulnerability also lets hackers carry out arbitrary code execution. Find out what else can be done. This is a post from HackRead.com Read the original post: Free WinZip trial popup vulnerability lets hackers drop malware...
store.winzip.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-494169 Description| Value ---|--- Affected Website:| store.winzip.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on ISO...
winzip-cgn.cleverbridge.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-485237 Description| Value ---|--- Affected Website:| winzip-cgn.cleverbridge.com Vulnerable Application:| hidden until disclosure Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| hidden until disclosure Disclosure Standard:| Coordinated Disclosure based on ISO...
Archive Cryptography: unarcrypto
Archive Cryptography unarcrypto.py is an educational tool to depict the use of cryptography for password verification, headers and content encryption by popular archivers: zip, 7zip, rar v3 and v5. Supported archives format, encryption and compression algorithms: zip password protected or not,...
WinZip – Zip UnZip Tool - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application WinZip – Zip UnZip Tool published at the 'play' market has multiple vulnerabilities...
WinZip Unsupported Version Detection
According to its self-reported version number, the installation of WinZip on the remote Windows host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenabl...
WinZip Unsupported (Mac OS X)
According to its self-reported version number, the installation of WinZip on the remote Mac OS X host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenab...
WinZip Installed (Mac OS X)
Binary data macosxwinzipinstalled.nbin...
WinZip Installed
Binary data winzipinstalled.nbin...
WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow
No description provided by source. $Id: winzipfileview.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit
No description provided by source. / WinZip Command Line Local Buffer Overflow http://securitytracker.com/alerts/2004/Sep/1011132.html http://www.winzip.com/wz90sr1.htm Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan / / Tested with...
WinZIP <= 10.0.7245 (FileView ActiveX Control) Stack Overflow PoC
No description provided by source. !-- WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability -- prdelka -- HTML HEAD TITLE/TITLE /HEAD BODY SCRIPT LANGUAGE=VBScript !-- Sub WZFILEVIEWOnAfterItemAddItem WZFILEVIEW.FilePattern =...
Winzip 15.0 WZFLDVW.OCX IconIndex Property Denial of Service
No description provided by source. Exploit Title: Winzip WZFLDVW.OCX IconIndex property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...
Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service
No description provided by source. Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...
WinZIP <= 10.0.7245 (FileView ActiveX) Remote Buffer Overflow Exploit
No description provided by source. / WinZip = 10.0.7245 FileView ActiveX buffer overflow exploit ============================================================ A vulnerability has been identified within Winzip that allows remote attackers to execute arbitrary code. User interaction is required to...
WinZip 9.0 Command Line Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22020/info WinZip is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it into an insufficiently sized buffer. An attacker may exploit this issu...
WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)
No description provided by source. !-- prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy of...