PT-2019-12957 · Estsoft · Alzip

Published: 2019-08-13 · Updated: 2020-10-06 · CVE-2019-12807

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Alzip versions 10.83 and earlier

Description

The issue is caused by improper bounds checking while parsing a crafted ISO archive file, leading to a stack-based buffer overflow. An attacker could execute arbitrary code by persuading a victim to open a specially crafted ISO archive file.

Recommendations

For versions 10.83 and earlier, update to a version later than 10.83 to resolve the issue. As a temporary workaround, avoid opening untrusted or potentially crafted ISO archive files until a patch is available, and restrict access to untrusted ISO archive files to minimize the risk of exploitation.

Fix

Memory Corruption

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2019-12807

Affected Products

Alzip