Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11323 | 1 Estsoft | 1 Alzip | 2021-05-03 | 6.8 MEDIUM | 7.8 HIGH |
Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | |||||
CVE-2019-12807 | 2 Estsoft, Microsoft | 2 Alzip, Windows | 2020-10-06 | 6.8 MEDIUM | 7.8 HIGH |
Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code. | |||||
CVE-2018-5196 | 1 Estsoft | 1 Alzip | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution. | |||||
CVE-2018-10027 | 1 Estsoft | 1 Alzip | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders. | |||||
CVE-2005-3194 | 1 Estsoft | 1 Alzip | 2017-07-10 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | |||||
CVE-2011-1336 | 1 Estsoft | 1 Alzip | 2011-07-07 | 9.3 HIGH | N/A |
Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file. |