Date: Wed, 1 Sep 2004 07:31:24 -0400 Subject: http://www.winzip.com/wz90sr1.htm WinZip reported discovering some vulnerabilities, including potential buffer overflows, during an internal review of the WinZip code. In addition, a WinZip user discovered a buffer overflow, where a local user can supply a specially crafted WinZip command line to trigger the overflow. A fix (9.0 SR-1) is available at: http://www.winzip.com/upgrade.htm ------------------------------------------ I don't have more informations. You can just check http://www.securitytracker.com/alerts/2004/Sep/1011132.html Regards. Jérôme
