Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
winzip winzip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3442
WinZip prior to 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Winzip Winzip 10.0
Winzip Winzip 8.0
Winzip Winzip 8.1
Winzip Winzip 9.0
Winzip Winzip 7.0
NA
CVE-2004-1465
Multiple buffer overflows in WinZip 9.0 and previous versions may allow malicious users to execute arbitrary code via multiple vectors, including the command line.
Winzip Winzip 8.1
Winzip Winzip 9.0
Winzip Winzip 7.0
Winzip Winzip 8.0
1 EDB exploit
NA
CVE-2006-3890
Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote malicious users to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnera...
Sky Software Fileview Activex Control
Winzip Winzip 7.0
Winzip Winzip 8.0
Winzip Winzip
Winzip Winzip 8.1
Winzip Winzip 9.0
1 EDB exploit
NA
CVE-2004-0333
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote malicious users to execute arbitrary code via a MIME archive with certain long MIME parameters.
Winzip Winzip 8.1
Uudeview Uudeview 0.5.18
Uudeview Uudeview 0.5.19
Openpkg Openpkg
Winzip Winzip 7.0
Winzip Winzip 8.0
Gentoo Linux 1.4
1 EDB exploit
NA
CVE-2006-5198
The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 before build 7245 allows remote malicious users to execute arbitrary code via unspecified "unsafe methods."
Winzip Winzip 10.0
1 EDB exploit
NA
CVE-2003-1376
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
Winzip Winzip 8.0
NA
CVE-2007-0264
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32...
Winzip Winzip 9.0
1 EDB exploit
NA
CVE-2006-6884
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote malicious users to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vuln...
Winzip Winzip 10.0 Build 6667
3 EDB exploits
NA
CVE-2001-0449
Buffer overflow in WinZip 8.0 allows malicious users to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option.
Winzip Winzip 8.0
NA
CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote malicious users to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows M...
Ibm Lotus Notes 5.0.10
Ibm Lotus Notes 5.0.11
Ibm Lotus Notes R6
Verity Keyview Viewing Sdk Gold
Ibm Lotus Notes 5.0.2
Ibm Lotus Notes 5.0.3
Winzip Winzip 7.0
Ibm Lotus Notes
Allume Systems Division Stuffit Expander 6.5.2
Ibm Lotus Notes 5.0.4
Ibm Lotus Notes 5.0.5
Ibm Lotus Notes 5.0
Ibm Lotus Notes 5.0.1
Ibm Lotus Notes 5.0.9a
Ibm Lotus Notes R5
Microsoft Windows Xp
Microsoft Windows 98 Plus Pack
Microsoft Windows Me
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »