Vulnerabilities > CVE-2003-1376 - Credentials Management vulnerability in Winzip 8.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |