PT-2021-11021 · Izarc+3

Hans Jerry Illikainen · advisories · blog · exploits

Published: 2021-02-22 · Updated: 2021-02-27 · CVE-2020-24175

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:
Yz1 versions 0.30 through 0.32
IZArc version 4.4
ZipGenius version 6.3.2.3116
Explzh (extension) version 8.14

Description: A buffer overflow issue allows attackers to execute arbitrary code via a crafted archive file, related to filename handling. This issue affects various software products that utilize the vulnerable Yz1 component.

Recommendations:
For Yz1 versions 0.30 through 0.32, update to a version that fixes the buffer overflow issue.
For IZArc version 4.4, consider disabling the use of Yz1 until a patch is available.
For ZipGenius version 6.3.2.3116, restrict the handling of archive files to minimize the risk of exploitation.
For Explzh (extension) version 8.14, avoid using the extension with potentially crafted archive files until the issue is resolved.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2020-24175

Affected Products

Explzh
Izarc
Yz1
Zipgenius