CVE-2010-1597

Name of the Vulnerable Software and Affected Versions ZipGenius version 6.3.1.2552

Description The issue is a stack-based buffer overflow in the zgtips.dll component, which allows remote attackers to execute arbitrary code. This can be achieved by creating a ZIP file with an entry that has a long filename, and then tricking a user into opening this file.

Recommendations For ZipGenius version 6.3.1.2552, consider avoiding the use of ZIP files from untrusted sources until a patch is available. As a temporary workaround, restrict the handling of ZIP files with long filenames to minimize the risk of exploitation.