Network Security Consulting Advisories Article
ZipItFree '.zip' File Buffer Overflow Vulnerability
Boundary Condition Error
Jul 08 2011 12:00AM
Jul 13 2012 11:50AM
MicroSmarts ZipItFree 3.0
ZipItFree is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
ZipItFree 3.0 is vulnerable; other versions may also be affected.
Proof of Concept and Security Exploits
The following exploit code is available:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: email@example.com.
Site Updated May 22, 2013
©2000-2013 Emagined Security
All Rights Reserved
Secure Web Programming