Vulnerabilities > CVE-2003-1376 - Credentials Management vulnerability in Winzip 8.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://securityreason.com/securityalert/3265
- http://securityreason.com/securityalert/3265
- http://www.securityfocus.com/archive/1/311059
- http://www.securityfocus.com/archive/1/311059
- http://www.securityfocus.com/bid/6805
- http://www.securityfocus.com/bid/6805
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11296
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11296