WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-23983.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-1234/ |
History
Mon, 02 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Winzip
Winzip winzip |
|
CPEs | cpe:2.3:a:winzip:winzip:*:*:*:*:*:*:*:* | |
Vendors & Products |
Winzip
Winzip winzip |
|
Metrics |
ssvc
|
Fri, 22 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-23983. | |
Title | WinZip Mark-of-the-Web Bypass Vulnerability | |
Weaknesses | CWE-693 | |
References |
| |
Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: zdi
Published: 2024-11-22T21:03:11.483Z
Updated: 2024-12-02T20:49:19.327Z
Reserved: 2024-09-13T18:05:09.514Z
Link: CVE-2024-8811
Vulnrichment
Updated: 2024-12-02T20:49:12.368Z
NVD
Status : Received
Published: 2024-11-22T21:15:19.220
Modified: 2024-11-22T21:15:19.220
Link: CVE-2024-8811
Redhat
No data.