Vulnerabilities > Winzip > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-16 | CVE-2007-0264 | Remote Buffer Overflow vulnerability in Winzip 9.0 Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument. local winzip | 6.6 |
2006-11-14 | CVE-2006-5198 | Remote Code Execution vulnerability in Winzip 10.0 The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 before build 7245 allows remote attackers to execute arbitrary code via unspecified "unsafe methods." | 4.0 |
2004-08-18 | CVE-2004-0235 | Buffer Overflow/Directory Traversal vulnerability in Multiple LHA Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. | 6.4 |
2003-12-31 | CVE-2003-1376 | Credentials Management vulnerability in Winzip 8.0 WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. | 4.6 |
2001-06-27 | CVE-2001-0449 | Local Security vulnerability in Winzip 8.0 Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. | 4.6 |