CVE-2010-1685

Cursorarts Zipwrangler - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename.

Exploits (1)

exploitdb WORKING POC VERIFIED

by TecR0c & Sud0 · perllocalwindows

https://www.exploit-db.com/exploits/12368

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://osvdb.org/64079

[Vendor Advisory] http://secunia.com/advisories/39575

[Various Sources] http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-031-zip-wrangler-1-20-buffer-overflow/

[Mailing List] https://seclists.org/fulldisclosure/2010/Apr/331

Scores

EPSS 0.1469

EPSS Percentile 94.5%

Details

CWE

CWE-119

Status published

Products (1)

cursorarts/zipwrangler 1.20

Published May 04, 2010

Tracked Since Feb 18, 2026