CVE-2003-1376

2007-10-1910:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.

References

securityreason.com/securityalert/3265

www.securityfocus.com/archive/1/311059

www.securityfocus.com/bid/6805

exchange.xforce.ibmcloud.com/vulnerabilities/11296