Lucene search
K

225 matches found

openvas
openvas
added 2008/09/04 12:0 a.m.12 views

FreeBSD Ports: uulib, uudeview, xdeview

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.8AI score0.24226EPSS
Exploits1References3
nvd
nvd
added 2008/08/01 2:41 p.m.18 views

CVE-2008-3442

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.03758EPSS
Exploits0References4
prion
prion
added 2008/08/01 2:41 p.m.18 views

Design/Logic Flaw

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS8AI score0.03758EPSS
Exploits0References4Affected Software1
cve
cve
added 2008/08/01 2:0 p.m.51 views

CVE-2008-3442

WinZip before 11.0 is affected. The vulnerability arises because updates are not properly authenticated, enabling a man‑in‑the‑middle to run arbitrary code via a Trojan horse update. Demonstrations referenced include evilgrade and DNS cache poisoning. No patch/version remediation details are prov...

7.5CVSS7.5AI score0.03758EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2008/08/01 2:0 p.m.20 views

CVE-2008-3442

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.03758EPSS
Exploits0References4
seebug
seebug
added 2008/07/19 12:0 a.m.24 views

WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit

No description provided by source. / WinZip Command Line Local Buffer Overflow http://securitytracker.com/alerts/2004/Sep/1011132.html http://www.winzip.com/wz90sr1.htm Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan / / Tested with...

7.1AI score
Exploits0
seebug
seebug
added 2008/07/16 12:0 a.m.23 views

WinZIP MIME Parsing Overflow Proof of Concept Exploit

No description provided by source. / Author: snooq Date: 14 April 2004 This is a PoC exploit for WinZip32 MIME Parsing Overflow bug reported by iDefense on 27 February 2004. The original advisory is found here: http://www.idefense.com/application/poi/display?id=76 This version is SP dependent bec...

7.1AI score
Exploits0
cve
cve
added 2007/10/19 10:0 a.m.48 views

CVE-2003-1376

WinZip 8.0 is affected. The vulnerability stems from weak random number generation used for password protected ZIP files, allowing local attackers to brute force encryption keys by guessing the state of the ZIP stream coder. Reported impact is partial confidentiality, integrity, and availability....

4.6CVSS6.9AI score0.0024EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2007/10/19 10:0 a.m.20 views

CVE-2003-1376

WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder...

6.5AI score0.0024EPSS
Exploits1References4
myhack58
myhack58
added 2007/10/05 12:0 a.m.28 views

High-speed crack winzip password-uzpc3. 0-vulnerability warning-the black bar safety net

Often on TV, newspaper, or even on the web ever heard of the hacker's name. They are elusive, depending on a variety of network security measures as nothing, any obstacle, any password for them just a piece of cake. The author ask himself no matter if those hackers did with writing their own tool...

0.3AI score
Exploits0
checkpoint_advisories
checkpoint_advisories
added 2007/07/02 12:0 a.m.55 views

WinZip ActiveX Control Instantiation Buffer Overflow (CVE-2006-5198; CVE-2006-6884)

WinZip is a file archiver and compressor for Microsoft Windows. The vulnerability is due to an error in the WinZip FileView ActiveX control WZFILEVIEW.FileViewCtrl.61. To trigger the vulnerability, an attacker can create a malicious web page that initiates the vulnerable ActiveX control with a lo...

9.3CVSS6.8AI score0.602EPSS
Exploits5
packetstorm
packetstorm
added 2007/03/09 12:0 a.m.34 views

winzip-heap.txt

shellcode =...

Exploits0
seebug
seebug
added 2007/03/07 12:0 a.m.17 views

WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2

No description provided by source. prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy...

7.1AI score
Exploits0
zdt
zdt
added 2007/03/06 12:0 a.m.31 views

WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2

Exploit for unknown platform in category remote exploits =============================================================== WinZip shellcode =...

7.1AI score
Exploits0
seebug
seebug
added 2007/03/06 12:0 a.m.15 views

WinZip &lt;= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2

No description provided by source. !-- prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy of...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/06 12:0 a.m.21 views

WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)

WinZip 10.0.7245 - FileView ActiveX Buffer Overflow 2 shellcode =...

1.3AI score
Exploits0
exploitdb
exploitdb
added 2007/03/06 12:0 a.m.33 views

WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)

shellcode =...

7.4AI score
Exploits0
seebug
seebug
added 2007/01/17 12:0 a.m.22 views

WinZip命令行远程缓冲区溢出漏洞

WinZip是一款流行的解压缩程序。 WinZip处理命令行参数存在缓冲区溢出,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击,可能执行任意指令。 提交类似的命令,可导致WinZip产生缓冲区溢出: Winzip32.exe "A" x 5002 WinZip 9.0 SR-1 目前没有解决方案: http://www.winzip.com/...

7.1AI score
Exploits0
prion
prion
added 2007/01/16 11:28 p.m.17 views

Buffer overflow

Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted...

6.6CVSS8.2AI score0.00694EPSS
Exploits0References2Affected Software1
cve
cve
added 2007/01/16 11:0 p.m.69 views

CVE-2007-0264

CVE-2007-0264 affects WinZip 9.0 via a buffer overflow in Winzip32.exe triggered by a long command line argument. It may allow a local attacker to crash the application and potentially execute arbitrary code; in some setups it could cross privilege boundaries if untrusted filenames invoke Winzip3...

6.6CVSS7.6AI score0.00694EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder