Winzip · Winzip · CVE-2003-1376
**Name of the Vulnerable Software and Affected Versions**
WinZip version 8.0
**Description**
The issue concerns weak random number generation used for password-protected ZIP files. This weakness allows local users to brute force the encryption keys, enabling them to extract data from the ZIP file by guessing the state of the stream coder.
**Recommendations**
For WinZip version 8.0, consider using an alternative method for encrypting ZIP files until a patch or updated version with improved random number generation is available. As a temporary workaround, avoid using password-protected ZIP files with this version to minimize the risk of data extraction.