CVE-2006-2909

CVE-2006-2909 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows remote attackers to execute arbitrary code via a long filename in an (1) ACE, (2) RAR, or (3) ZIP archive, which is triggered when the user moves the mouse over the archive.

Learn more about our User Device Pen Test.