CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2003-1376
https://notcve.org/view.php?id=CVE-2003-1376
31 Dec 2003 — WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. • http://securityreason.com/securityalert/3265 • CWE-255: Credentials Management Errors •
CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0449
https://notcve.org/view.php?id=CVE-2001-0449
27 Jun 2001 — Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. • http://www.securityfocus.com/archive/1/166211 •