Intrusion Prevention

WinZip.MIME.Archive.Buffer.Overflow

Description

It indicates a possible exploit of "MIME archive buffer overflow" vulnerability in WinZip software.


WINZIP is a windows application and widely used for archive files. A buffer overflow vulnerability is reported in it that may allow an attacker to execute arbitrary code on the affected system. This is due to applications UUDeview package failure to validate certain parameters in MIME archive file with extensions .mim, .uue, .uu, .b64,
.bhx, .hqx, and .xxe while parsing them. This may be exploited by an attacker by specially crafting archive file with above extensions and send it to a victim via email.

Affected Products

WinZip 8.1 SR-1 and possibly earlier versions

Impact

The attacker may be able to execute arbitrary code.

Recommended Actions

Update to WINZIP version 9.0 or later.

CVE References

CVE-2004-0333