| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 01 Apr 2010 05:32:33 -0700 From: tecr0c@...ninja.net To: full-disclosure@...ts.grok.org.uk, secalert@...urityreason.com, vuln@...unia.com Subject: Advisory Optimal Archive 1.38 Advisory : CORELAN-10-017 Disclosure date : 31/3/2010 1 : Vulnerability information Product : Optimal Archive Version : 1.38 Vendor : Optimal Access URL : http://www.optimalaccess.com/en/product_archive.htm Platform : Windows Type of vulnerability : Stack overflow Risk rating : Medium Issue fixed in version : <unpatched> Vulnerability discovered by : TecR0c 2 : Vendor description of software "Optimal Archive is a stand alone program which lets you view the structure of your zip-file in the explorer tree – launch applications from inside the zip file, and drag and drop files from and to the zip file with ease. However when you use Optimal Archive inside of Optimal Desktop all your folders are accessible from one tree, and you can use Optimal Desktops tabs to point to any folder inside of your zipped files" 3 : Vulnerability details A specially crafted zip file will cause a stack based buffer overflow in explorer.exe 4 : Vendor communication March 21, 2010 – Initial vendor contact March 29, 2010 – Reminder to vendor March 31, 2010 – No contact from vendor whatsoever March 31, 2010 – Public disclosure 5 : Exploit/PoC http://www.tecninja.net/exploits/optimal.py.txt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists