WinZip.FileView.ActiveX.Control.Method.Remote.Code.Execution
Description
This indicates an attempt to exploit a Buffer Overflow vulnerability in WinZip.
The vulnerability is in an ActiveX control that is installed with the package. By exploiting it a remote attacker can execute arbitrary code in the context of the application using the affected ActiveX control.
Affected Products
WinZip versions prior to 10.0 Build 7245.
Impact
System Compromise: A remote attacker can execute arbitrary code on vulnerable systems.
Recommended Actions
Upgrade to WinZip 10.0 Build 7245:
http://www.winzip.com/prod_down.htm
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |