CVE-2004-1465

Winzip - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ATmaCA · c++localwindows

https://www.exploit-db.com/exploits/1034

View Code ZIP pw:eip

References (7)

[Mailing List] http://marc.info/?l=bugtraq&m=109416099301369&w=2

[Patch] http://securitytracker.com/id?1011132

[Vendor Advisory] http://www.ciac.org/ciac/bulletins/o-211.shtml

[Patch] http://www.securityfocus.com/bid/11092

[Patch] http://www.winzip.com/wz90sr1.htm

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17192

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17197

Scores

EPSS 0.0254

EPSS Percentile 85.5%

Details

Status published

Products (4)

winzip/winzip 7.0

winzip/winzip 8.0

winzip/winzip 8.1 (2 CPE variants)

winzip/winzip 9.0

Published Dec 31, 2004

Tracked Since Feb 18, 2026