Michal Bednarski

**Name of the Vulnerable Software and Affected Versions** crazy linker (aka Crazy Linker) versions prior to the version included in Google Chrome 47.0.2526.73 Google Chrome versions prior to 47.0.2526.73 **Description** The issue is related to the `FindStartOffsetOfFileInZipFile` function in `crazy linker zip.cpp`, which improperly searches for an EOCD record. This allows attackers to bypass a signature-validation requirement via a crafted ZIP archive. **Recommendations** For crazy linker (aka Crazy Linker) versions prior to the version included in Google Chrome 47.0.2526.73, update to a version included in Google Chrome 47.0.2526.73 or later. For Google Chrome versions prior to 47.0.2526.73, update to version 47.0.2526.73 or later.