[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040902043610.18054.qmail@www.securityfocus.com>
Date: 2 Sep 2004 04:36:10 -0000
From: "Jérôme" ATHIAS <jerome.athias@...amail.com>
To: bugtraq@...urityfocus.com
Subject: WinZip Unspecified Buffer Overflows May Let Remote or Local Users
Execute Arbitrary Code
Date: Wed, 1 Sep 2004 07:31:24 -0400
Subject: http://www.winzip.com/wz90sr1.htm
WinZip reported discovering some vulnerabilities, including potential buffer
overflows, during an internal review of the WinZip code. In addition, a WinZip
user discovered a buffer overflow, where a local user can supply a specially crafted
WinZip command line to trigger the overflow.
A fix (9.0 SR-1) is available at:
http://www.winzip.com/upgrade.htm
------------------------------------------
I don't have more informations.
You can just check
http://www.securitytracker.com/alerts/2004/Sep/1011132.html
Regards.
Jérôme
Powered by blists - more mailing lists