Email us! Subscribe to Liquidmatrix!

WinZip FileView ActiveX Control Insecure Methods

Author: Dave Lewis
November 15, 2006 at 6:45 pm · Filed under Vulnerability

There is a vulnerability in WinZip that could potentially be exploited by a mallicious user.

From Secunia:

Description:
A vulnerability has been reported in WinZip, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to several unspecified insecure methods in the FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61). This can be exploited to execute arbitrary code via a specially crafted web site.

Successful exploitation requires that the user is tricked into visiting a malicious web site.

The vulnerability is reported in WinZip 10.0 versions prior to Build 7245.

Article Link

Tags: , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • HP Laptops One Click Hack
  • AOL YGPPDownload ActiveX Control Buffer Overflows
  • Microsoft DirectX Media SDK FlashPix ActiveX Control Buffer Overflow
  • Yahoo! Music Jukebox ActiveX Buffer Overflows
  • Vulnerability in Microsoft Office 2003 ActiveX Control

    • Leave a Comment