TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability
Rocco Calvi
- Affected Vendor
- TugZip
- Affected Product
- TugZip
- Exploit Type
- Metasploit Module
- Metasploit Module
exploit/windows/fileformat/tugzip
Description
A stack-based buffer overflow vulnerability in TugZip 3.5 allows arbitrary code execution when a specially crafted zip file is opened. An attacker must convince the target to load the file by double click or file open.