Vulnerability Database

314,486

Total vulnerabilities in the database

CVE-2003-1376

WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.

Published: Dec 31, 2003
Updated: Nov 9, 2025
CVE: CVE-2003-1376
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
winzip / winzip	8.0	8.0.x

http://securityreason.com/securityalert/3265
http://www.securityfocus.com/archive/1/311059
http://www.securityfocus.com/bid/6805
https://exchange.xforce.ibmcloud.com/vulnerabilities/11296

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo