WinZip 11.x 'gdiplus.dll' Unspecified Vulnerability

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by an
unspecified vulnerability.

Description :

The version of WinZip installed on the remote host is prior to 11.2
SR-1 (Build 8261). It is, therefore, affected by an unspecified
vulnerability since it is known to ship with an old version of the
Microsoft DLL file 'gdiplus.dll'.

Note that only WinZip versions 11.x on Windows 2000 systems use this
file and are thus affected by this issue.

See also :

http://update.winzip.com/wz112sr1.htm

Solution :

Upgrade to WinZip 11.2 SR-1 (Build 8261) or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 34335 ()

Bugtraq ID: 31485

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now