Threat Monitor
Troj.Clicker.JS.Agent.gr
| Aliase: | |
|---|---|
| Pattern: | 201005301330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
Description: ZipGenius is prone to a code execution vulnerability.
The vulnerability is caused due to a boundary error within the InfoTip Shell Extension in the zgtips.dll when processing overly long file names within a zip archive. This dll allows for shell integration and will display the contents of a zip file when you hover the mouse over the archive file. Apparently this doesn't deal well with a specially crafted zip file containing a overly long filename, resulting in a stack buffer overflow. By persuading a victim to mouse over a specially-crafted .zip file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Affected: WinInizio.it Software ZipGenius 6.3.1.2552
The vulnerability is caused due to a boundary error within the InfoTip Shell Extension in the zgtips.dll when processing overly long file names within a zip archive. This dll allows for shell integration and will display the contents of a zip file when you hover the mouse over the archive file. Apparently this doesn't deal well with a specially crafted zip file containing a overly long filename, resulting in a stack buffer overflow. By persuading a victim to mouse over a specially-crafted .zip file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Affected: WinInizio.it Software ZipGenius 6.3.1.2552
