ESTsoft ALZip MIM File Handling Buffer Overflow

Added: 08/09/2011
CVE: CVE-2011-1336
BID: 48493
OSVDB: 73684

Background

ESTsoft ALZip is a Windows-based file compression program that can unzip 40 different zip file archives. ALZip can zip files into 8 different archives such as ZIP, EGG, TAR and others.

Problem

ESTsoft ALZip 8.21 and earlier is vulnerable to a stack buffer overflow in libETC.dll due to improper parsing of the filename or name parameter within MIM file headers if an overly long filename is provided. A remote attacker can exploit this vulnerability to execute arbitrary code by enticing a user to open a specially crafted MIM file in a vulnerable version of ALZip.

Resolution

Upgrade to the 2011-06-09 release of ESTsoft ALZip version 8.21 (fixed without ersion number change), or a higher version.

References

http://secunia.com/advisories/45108/

Limitations

Exploit works on ESTsoft ALZip 8.12 and the target user must open the exploit file in a vulnerable version of ALZip.

Platforms

Windows

Back to exploit index