ALZip 8.51 Buffer Overflow

ALZip version 8.51 suffers from buffer overflow and file creation vulnerabilities.


MD5 | 7de6ec4e6beda80eab0907df5c875f58

[Suggested description]
Buffer overflow in ALZip 8.51 and earlier allows remote attackers to
execute arbitrary code via a crafted DosDevice file.

------------------------------------------

[Additional Information]
To reproduce this issue, create a file named "AUX.3.2.1.e.pwned" using
normal user CMD via following syntax: type AUX >
\\.\C:\ProgramData\AUX.3.2.1.e.PWNED

later you will find that AUX.3.2.1.e.PWNED file has created in
C:\ProgramData folder.

If you just simply "right-click" that file, ALZip's file compression will
cause Stack buffer overflow which allows remote attackers to execute
arbitrary code.

------------------------------------------

[Vulnerability Type]
Buffer Overflow

------------------------------------------

[Vendor of Product]
ESTsoft

------------------------------------------

[Affected Product Code Base]
ALZip - 8.51

------------------------------------------

[Affected Component]
file compression

------------------------------------------

[Attack Type]
Remote

------------------------------------------

[Impact Code execution]
true

------------------------------------------

[Attack Vectors]
via a crafted DosDevice file

------------------------------------------

[Discoverer]
James Lee

Use CVE-2017-11323.

Related Posts