Design/Logic Flaw

2008-08-0114:41:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.0%

JSON

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

CPENameOperatorVersion
winzipeq7.0
winzipeq10.0
winzipeq8.1 sr1
winzipeq9.0 sr1
winzipeq9.0
winzipeq8.1
winzipeq8.0

Name	Operator	Version
winzip	eq	7.0
winzip	eq	10.0
winzip	eq	8.1 sr1
winzip	eq	9.0 sr1
winzip	eq	9.0
winzip	eq	8.1
winzip	eq	8.0

References

archives.neohapsis.com/archives/bugtraq/2008-07/0250.html

securitytracker.com/id?1020581

www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf

www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz