lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040902043610.18054.qmail@www.securityfocus.com>
Date: 2 Sep 2004 04:36:10 -0000
From: "Jérôme" ATHIAS <jerome.athias@...amail.com>
To: bugtraq@...urityfocus.com
Subject: WinZip Unspecified Buffer Overflows May Let Remote or Local Users
    Execute Arbitrary Code




Date:  Wed, 1 Sep 2004 07:31:24 -0400
Subject:  http://www.winzip.com/wz90sr1.htm 
 
WinZip reported discovering some vulnerabilities, including potential buffer 
overflows, during an internal review of the WinZip code.  In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.
 
A fix (9.0 SR-1) is available at:
 
http://www.winzip.com/upgrade.htm

------------------------------------------

I don't have more informations.
You can just check 
http://www.securitytracker.com/alerts/2004/Sep/1011132.html

Regards.
Jérôme

 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ