WinZip FileView ActiveX Control Vulnerabilities

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that is affected by
arbitrary code execution and buffer overflow vulnerabilities.

Description :

The remote host contains a version of the 'FileView' ActiveX control
from Sky Software that is included in third-party products such as
WinZip.

The version of this ActiveX control on the remote host reportedly
exposes several methods that either can be used to execute arbitrary
code or are affected by buffer overflow vulnerabilities. If an
attacker can trick a user on the affected host into visiting a
specially crafted web page, he can leverage these issues to execute
arbitrary code on the host subject to the user's privileges.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-06-040.html
http://seclists.org/fulldisclosure/2006/Nov/245
http://www.winzip.com/wz7245.htm

Solution :

Upgrade to version 6.1.7242.0 or later of the control or WinZip 10
build 7245 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 23648 ()

Bugtraq ID: 21060
21108

CVE ID: CVE-2006-3890
CVE-2006-5198

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now