HTTP: WinZip Command Line Unsafe Activex Control
This signature detects attempts to use unsafe ActiveX controls in WinZip. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
WinZip is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it into an insufficiently sized buffer. An attacker may exploit this issue to cause denial-of-service conditions and possibly to execute arbitrary code within the context of the affected application, but this has not been confirmed. This issue affects versions prior to 9.0 SR1.
Affected Products
Winzip winzip
Short Name
HTTP:STC:ACTIVEX:WINZIP-CMDLINE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Activex CVE-2006-5198 CVE-2006-6884 Command Control Line Unsafe WinZip bid:21060 bid:22020
Release Date
04/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Winzip
CVSS Score
9.3
4.0