CVE-2024-8811
22.11.2024, 21:15
WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-23983.Enginsight
| Vendor | Product | Version |
|---|---|---|
| winzip | winzip | 𝑥 < 76.8 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-693 - Protection Mechanism FailureThe product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
- CWE-670 - Always-Incorrect Control Flow ImplementationThe code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.