[36368] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

WinZip Unspecified Buffer Overflows May Let Remote or Local Users

daemon@ATHENA.MIT.EDU (Jérôme" ATHIAS)
Thu Sep 2 20:14:11 2004

Date: 2 Sep 2004 04:36:10 -0000
Message-ID: <20040902043610.18054.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: "Jérôme" ATHIAS <jerome.athias@caramail.com>
To: bugtraq@securityfocus.com

Date:  Wed, 1 Sep 2004 07:31:24 -0400
Subject:  http://www.winzip.com/wz90sr1.htm 

WinZip reported discovering some vulnerabilities, including potential buffer 
overflows, during an internal review of the WinZip code.  In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.

A fix (9.0 SR-1) is available at:

http://www.winzip.com/upgrade.htm

------------------------------------------

I don't have more informations.
You can just check 
http://www.securitytracker.com/alerts/2004/Sep/1011132.html

Regards.
Jérôme


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[36368] in bugtraq

WinZip Unspecified Buffer Overflows May Let Remote or Local Users

daemon@ATHENA.MIT.EDU (Jérôme" ATHIAS)Thu Sep 2 20:14:11 2004

daemon@ATHENA.MIT.EDU (Jérôme" ATHIAS)
Thu Sep 2 20:14:11 2004