Alzip Security Vulnerabilities and Issues — Alzip CVE List

Lucene search

EstsoftAlzip

3 matches found

CVE•added 2017/08/19 4:29 p.m.•41 views

CVE-2017-11323

Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename.

7.8CVSS8AI score0.04227EPSS

CVE•added 2018/05/17 12:29 p.m.•36 views

CVE-2018-10027

ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\...

7.8CVSS7.8AI score0.00067EPSS

CVE•added 2019/08/13 8:15 p.m.•35 views

CVE-2019-12807

Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code.

7.8CVSS7.8AI score0.0088EPSS