Compression Plus CP5DLL32.DLL ZOO Archive Header Processing Overflow RCE
Medium Nessus Plugin ID 22308
SynopsisA library file installed on the remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe version of the Compression Plus toolkit installed on the remote Windows host contains a DLL file that is affected by a stack-based overflow condition when processing specially crafted ZOO files. A remote attacker can exploit this issue, via an inconsistent size parameter in a ZOO file header, to execute arbitrary code.
SolutionContact the vendor for a fix or upgrade file Cp5dll32.dll to version 126.96.36.199 or later.