| VID |
28168 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The WinZip FileView ActiveX control has multiple vulnerabilities which exist in versions prior to 6.1.7242.0. Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, are vulnerable to an arbitrary code execution and buffer overflow vulnerabilities. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the victim's system, if the attacker could persuade the victim to visit a malicious Web site and the victim is using an affected version of WinZip.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.winzip.com/wz7245.htm
http://www.zerodayinitiative.com/advisories/ZDI-06-040.html
http://www.securityfocus.com/archive/1/archive/1/451566/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/451589/100/0/threaded
http://www.kb.cert.org/vuls/id/225217
http://www.kb.cert.org/vuls/id/512804
http://www.milw0rm.com/exploits/2783
http://www.milw0rm.com/exploits/2785
http://www.frsirt.com/english/advisories/2006/4509
http://securitytracker.com/alerts/2006/Nov/1017226.html
http://isc.sans.org/diary.php?storyid=1861
http://secunia.com/advisories/22891
* Platforms Affected:
WinZip Computing, Inc., WinZip versions prior to 10.0 Build 7245
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of WinZip (10.0 Build 7245 or later), available from the WinZip Web site at http://www.winzip.com/wz7245.htm |
| Related URL |
CVE-2006-3890,CVE-2006-5198 (CVE) |
| Related URL |
21060,21108 (SecurityFocus) |
| Related URL |
30315,30316 (ISS) |
|
