ALZip MIM File Processing Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has ALZip installed and is prone to buffer overflow vulnerability. Vulnerabilities Insight: The flaw is due to an error in libETC.dll when processing the 'filename' field within MIM files.

Impact

Successful exploitation will allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Impact Level: System/Application

Solution

Upgrade to version 8.21 published after June 29th, 2011 For updates refer to http://www.altools.com/ALTools/ALZip.aspx ***** NOTE: Ignore this warning if above mentioned version is already installed. *****

Affected

ALZip version 8.21 and prior.

References

http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000048.html
http://secunia.com/advisories/45108

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1336
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Mac OS X)
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
BSPlayer Stack Overflow Vulnerability BLS

Take action and discover your vulnerabilities