225 matches found
FreeBSD Ports: uulib, uudeview, xdeview
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2008-3442
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
Design/Logic Flaw
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
CVE-2008-3442
WinZip before 11.0 is affected. The vulnerability arises because updates are not properly authenticated, enabling a man‑in‑the‑middle to run arbitrary code via a Trojan horse update. Demonstrations referenced include evilgrade and DNS cache poisoning. No patch/version remediation details are prov...
CVE-2008-3442
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit
No description provided by source. / WinZip Command Line Local Buffer Overflow http://securitytracker.com/alerts/2004/Sep/1011132.html http://www.winzip.com/wz90sr1.htm Exploit coded By ATmaCA Web: atmacasoft.com && spyinstructors.com E-Mail: [email protected] Credit to kozan / / Tested with...
WinZIP MIME Parsing Overflow Proof of Concept Exploit
No description provided by source. / Author: snooq Date: 14 April 2004 This is a PoC exploit for WinZip32 MIME Parsing Overflow bug reported by iDefense on 27 February 2004. The original advisory is found here: http://www.idefense.com/application/poi/display?id=76 This version is SP dependent bec...
CVE-2003-1376
WinZip 8.0 is affected. The vulnerability stems from weak random number generation used for password protected ZIP files, allowing local attackers to brute force encryption keys by guessing the state of the ZIP stream coder. Reported impact is partial confidentiality, integrity, and availability....
CVE-2003-1376
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder...
High-speed crack winzip password-uzpc3. 0-vulnerability warning-the black bar safety net
Often on TV, newspaper, or even on the web ever heard of the hacker's name. They are elusive, depending on a variety of network security measures as nothing, any obstacle, any password for them just a piece of cake. The author ask himself no matter if those hackers did with writing their own tool...
WinZip ActiveX Control Instantiation Buffer Overflow (CVE-2006-5198; CVE-2006-6884)
WinZip is a file archiver and compressor for Microsoft Windows. The vulnerability is due to an error in the WinZip FileView ActiveX control WZFILEVIEW.FileViewCtrl.61. To trigger the vulnerability, an attacker can create a malicious web page that initiates the vulnerable ActiveX control with a lo...
winzip-heap.txt
shellcode =...
WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2
No description provided by source. prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy...
WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2
Exploit for unknown platform in category remote exploits =============================================================== WinZip shellcode =...
WinZip <= 10.0.7245 FileView ActiveX Buffer Overflow Exploit v2
No description provided by source. !-- prdelka http://blogs.23.nu/prdelka I made a version of my winzip exploit that utilises the heap spray method with a bindshell for some project or other. you can download a copy here if its of use to you, note i used a different method courtesy of...
WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)
WinZip 10.0.7245 - FileView ActiveX Buffer Overflow 2 shellcode =...
WinZip 10.0.7245 - FileView ActiveX Buffer Overflow (2)
shellcode =...
WinZip命令行远程缓冲区溢出漏洞
WinZip是一款流行的解压缩程序。 WinZip处理命令行参数存在缓冲区溢出,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击,可能执行任意指令。 提交类似的命令,可导致WinZip产生缓冲区溢出: Winzip32.exe "A" x 5002 WinZip 9.0 SR-1 目前没有解决方案: http://www.winzip.com/...
Buffer overflow
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted...
CVE-2007-0264
CVE-2007-0264 affects WinZip 9.0 via a buffer overflow in Winzip32.exe triggered by a long command line argument. It may allow a local attacker to crash the application and potentially execute arbitrary code; in some setups it could cross privilege boundaries if untrusted filenames invoke Winzip3...