Family: Windows --> Category: infos
DynaZip Zip Archive Handling Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks version of DynaZip's dzip32.dll / dzips32.dll
Detailed Explanation for this Vulnerability Test
There is a library file installed on the remote Windows host that is
affected by several buffer overflow vulnerabilities.
The version of the DynaZip Max or DynaZip Max Secure installed on the
remote host contains a DLL that reportedly is prone to stack-based
overflows when repairing or updating a specially-crafted ZIP file.
Successful exploitation allows a possible hacker to execute arbitrary code
on the affected host subject to the user's rights.
Note that DynaZip libraries are included in some third-party
applications to provide support for handling ZIP files.
See also :
Either upgrade to DynaZip Max 126.96.36.199 / DynaZip Max Secure 188.8.131.52 or
later or contact the appropriate vendor for a fix.
High / CVSS Base Score : 8
Click HERE for more information and discussions on this network vulnerability scan.