|
       
 |
|
| Programming tutorials All Knowledge Info and links to posted here |
  |
|
Zipgenius Multiple Archive Handling Buffer Overflow
|
LinkBack | Thread Tools | Display Modes |
23-Feb-2007, 05:55 AM
|
#1 (permalink) |
|
Fixed Error!
Posts: 330
Join Date: Feb 2007
Rep Power: 2
IM:
|
Zipgenius Multiple Archive Handling Buffer Overflow
Code:
Affected Software ZipGenius Version 5.5.1.468 and 6.0.2.1041. Prior versions may also be affected. 1) A boundary error exists in "zipgenius.exe", "zg.exe", "zgtips.dll", and "contmenu.dll" when reading the filename of a compressed file from a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is read either in ZipGenius or from Windows Explorer. 2) A boundary error exists in "zipgenius.exe" when handling the original name of a UUE/XXE/MIM encoded file. This can be exploited to cause a stack-based buffer overflow when a malicious UUE/XXE/MIM archive containing an encoded file with an overly long filename is opened. 3) A boundary error exists in "unacev2.dll" when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a malicious ACE archive is extracted using "zipgenius.exe" or "zg.exe". Njoy... |
|
        
|
|
|
|
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
