WinZip <= 9.0 Multiple Unspecified Overflows

Low Nessus Plugin ID 17362


The remote host has an application that is affected by multiple buffer overflow vulnerabilities.


The remote host is using a version of WinZip that is prior to 9.0-SR1.
It is, therefore, affected by several buffer overflow flaws that can allow an attacker to execute arbitrary code on the host by convincing a user to open a malformed archive file.


Upgrade to WinZip 9.0-SR1 or later.

See Also

Plugin Details

Severity: Low

ID: 17362

File Name: winzip_overflows.nasl

Version: $Revision: 1.16 $

Type: local

Agent: windows

Family: Windows

Published: 2005/03/18

Modified: 2016/11/29

Dependencies: 78673

Risk Information

Risk Factor: Low


Base Score: 3.7

Temporal Score: 2.7

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:winzip:winzip

Required KB Items: SMB/Registry/Enumerated, installed_sw/WinZip

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2004/09/01

Reference Information

CVE: CVE-2004-1465

BID: 11092

OSVDB: 9511