Netzip Classic ZIP file parsing buffer overflow

Added: 11/04/2011
BID: 46059

Background

Netzip Classic is a Windows utility for downloading and decompressing files.

Problem

A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it.

Resolution

Do not use Netzip Classic to open untrusted content.

References

http://www.securityfocus.com/bid/46059

Limitations

Exploit works on Netzip Classic 7.5.1.86 and requires a user to open the exploit file in Netzip Classic and double-click on the listed file.

Platforms

Windows XP
Windows 7

Back to exploit index