iDEFENSE Security Advisory 02.27.04a: Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code. Versions below 9.0 affected.
53517af4c8cb6810ce93d885a7fbe09d4bed96da22e7c1e59bf7a257545b5c81
Proof of concept exploit for the WinZip32 MIME Parsing Overflow. Tested against WinZip 8.1 on Windows XP SP1 and Windows 2000 SP1. Instructions for use are included.
8a7e5cb801e4ff9423fec6d0c994638590a6f7103e548f3888181d78cc1db3c2