CVE-2004-1465

WinZip 9.0 - Buffer Overflow via Command Line

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1465. PoCs published by ATmaCA.

AI-analyzed exploit summary This exploit leverages a local buffer overflow in WinZip 8.1 via a crafted .tmp file and command-line arguments to execute arbitrary shellcode, launching cmd.exe. The shellcode is hardcoded with a WinXP SP2-specific address for system() and a JMP ESP instruction.

Description

Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ATmaCA · c++localwindows

https://www.exploit-db.com/exploits/1034

View Code ZIP pw:eip

This exploit leverages a local buffer overflow in WinZip 8.1 via a crafted .tmp file and command-line arguments to execute arbitrary shellcode, launching cmd.exe. The shellcode is hardcoded with a WinXP SP2-specific address for system() and a JMP ESP instruction.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WinZip 8.1

No auth needed

Prerequisites: WinZip 8.1 installed · Local access to the target system · WinXP SP2 environment for reliable execution

MITRE ATT&CK