Jump to content
xisto Community
Sign in to follow this  
ne0

Winzip ActiveX Control Remote Code Execution Vulnerability

Recommended Posts

WinZip is prone to a remote code-execution vulnerability in an ActiveX control that is installed with the package.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.

WinZip versions in the 10.0 series prior to build 7245 are vulnerable to this issue.


Here is an exploit source code : http://forums.xisto.com/no_longer_exists/
used a shellcode that binds a port on 4444.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.