| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 2 Sep 2004 04:36:10 -0000
From: "Jérôme" ATHIAS <jerome.athias@...amail.com>
To: bugtraq@...urityfocus.com
Subject: WinZip Unspecified Buffer Overflows May Let Remote or Local Users
Execute Arbitrary Code
Date: Wed, 1 Sep 2004 07:31:24 -0400
Subject: http://www.winzip.com/wz90sr1.htm
WinZip reported discovering some vulnerabilities, including potential buffer
overflows, during an internal review of the WinZip code. In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.
A fix (9.0 SR-1) is available at:
http://www.winzip.com/upgrade.htm
------------------------------------------
I don't have more informations.
You can just check
http://www.securitytracker.com/alerts/2004/Sep/1011132.html
Regards.
Jérôme
Powered by blists - more mailing lists