Lucene search
K
EstsoftAlzip

6 matches found

CVE
CVE
added 2011/07/07 7:0 p.m.62 views

CVE-2011-1336

CVE-2011-1336 affects ESTsoft ALZip ≤ 8.21. The vulnerability is a stack buffer overflow in the libETC.dll caused by parsing the filename/name fields in MIM headers. A remote attacker can trigger arbitrary code execution by convincing a user to open a crafted MIM file. Remediation: upgrade to ALZ...

9.3CVSS7.8AI score0.05539EPSS
CVE
CVE
added 2017/08/19 4:0 p.m.54 views

CVE-2017-11323

CVE-2017-11323 affects ESTsoft ALZip 8.51 and earlier. The root cause is a stack-based buffer overflow in the handling of MS-DOS device files, exploitable remotely when a crafted filename begins with substrings like AUX. Reported impact is arbitrary code execution with the attacker likely remote,...

7.8CVSS8AI score0.02953EPSS
CVE
CVE
added 2018/05/17 12:0 p.m.47 views

CVE-2018-10027

ESTsoft ALZip (Windows) before version 10.76 is affected. Local attackers can execute arbitrary code by placing a malicious DLL in specific ALZip directories (%PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, and their 32‑bit equivalents) and installing it. Root cause is ...

7.8CVSS7.8AI score0.00439EPSS
CVE
CVE
added 2018/12/21 3:0 p.m.47 views

CVE-2018-5196

The CVE-2018-5196 entry affects ESTsoft ALZip (versions 10.76.0.0 and earlier). The root cause is a stack overflow caused by improper bounds checking when handling specially crafted LZH archives. Exploitation wording from multiple sources indicates that convincing a user to open a malicious LZH f...

8.8CVSS8.3AI score0.01439EPSS
CVE
CVE
added 2019/08/13 7:22 p.m.47 views

CVE-2019-12807

CVE-2019-12807 affects ESTsoft Alzip 10.83 and earlier. The vulnerability is a stack-based buffer overflow caused by improper bounds checking when parsing a crafted ISO archive file. By convincing a user to open a specially crafted ISO, an attacker could execute arbitrary code on the affected sys...

7.8CVSS7.8AI score0.0162EPSS
CVE
CVE
added 2005/10/14 4:0 a.m.46 views

CVE-2005-3194

CVE-2005-3194 affects ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English). The vulnerability is described as multiple buffer overflows that allow remote attackers to execute arbitrary code via a long filename inside compressed archives (ALZ, ARJ, ZIP, UUE, XXE). Connected sources reitera...

5.1CVSS8.2AI score0.03087EPSS