CVE-2005-3317

Name of the Vulnerable Software and Affected Versions ZipGenius versions 5.5.1.468 through 6.0.2.1041

Description The issue allows remote attackers to execute arbitrary code via multiple stack-based buffer overflows. This can occur through a ZIP archive with a file that has a long filename, which is not properly handled by various components, including zipgenius.exe, zg.exe, zgtips.dll, and contmenu.dll. Additionally, a long original name in a UUE, XXE, or MIM file can be exploited, as well as an ACE archive with a file that has a long filename, which is not properly handled by unacev2.dll.

Recommendations For versions 5.5.1.468 through 6.0.2.1041, update to version 6.0.2.1050 or later to resolve the issue.