Reported March 2, 2001, by Defcom Labs.

VERSIONS AFFECTED

  • WinZip32 8.0 for Windows 2000

  • WinZip32 8.0 for Windows NT

DESCRIPTION

A buffer overrun condition exists in the WinZip32 8.0 compression utility that could let a user execute code arbitrarily within the security context of WinZip32. This condition exists when someone uses the utility's zip-and-email feature in Windows Explorer with an extremely long file name.

VENDOR RESPONSE

Currently, no workaround or fix exists other than not using the program's zip-and-email feature. The vendor, WinZip Computing, Inc., has acknowledged this vulnerability and will correct it in the next release.

CREDIT
Discovered by Peter Gr√ľndl.