Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
Software | From | Fixed in |
---|---|---|
winzip / winzip | 7.0 | 7.0.x |
winzip / winzip | 8.0 | 8.0.x |
winzip / winzip | 8.1 | 8.1.x |
winzip / winzip | 8.1-sr1 | 8.1-sr1.x |
openpkg / openpkg | - | - |
gentoo / linux | 1.4 | 1.4.x |
gentoo / linux | 1.4-rc1 | 1.4-rc1.x |
gentoo / linux | 1.4-rc2 | 1.4-rc2.x |
gentoo / linux | 1.4-rc3 | 1.4-rc3.x |
uudeview / uudeview | 0.5.18 | 0.5.18.x |
uudeview / uudeview | 0.5.19 | 0.5.19.x |