CVE-2018-10027

Name of the Vulnerable Software and Affected Versions: ESTsoft ALZip versions prior to 10.76

Description: The issue allows local users to execute arbitrary code by creating a malicious .DLL file and installing it in specific directories, including %PROGRAMFILES%ESTsoftALZipFormats, %PROGRAMFILES%ESTsoftALZipCoders, %PROGRAMFILES(X86)%ESTsoftALZipFormats, or %PROGRAMFILES(X86)%ESTsoftALZipCoders.

Recommendations: For versions prior to 10.76, update to version 10.76 or later to resolve the issue. As a temporary workaround, consider restricting access to the specified directories to minimize the risk of exploitation.