Vulnerabilities > Estsoft > Alzip > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-13 | CVE-2019-12807 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. | 6.8 |
| 2018-12-21 | CVE-2018-5196 | Out-of-bounds Write vulnerability in Estsoft Alzip 10.76.0.0/8.5.1 Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. | 6.8 |
| 2018-05-17 | CVE-2018-10027 | Untrusted Search Path vulnerability in Estsoft Alzip 8.0/8.12/8.21 ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders. | 4.6 |
| 2017-08-19 | CVE-2017-11323 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | 6.8 |
| 2005-10-14 | CVE-2005-3194 | Archive Formats File Name Buffer Overflow vulnerability in Estsoft Alzip 5.52English/6.12Korean/6.1International Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | 5.1 |