ALZip is vulnerable to a stack buffer overflow in libETC.dll due to improper parsing of the filename or name parameter within MIM file headers if an overly long filename is provided. The exploit is triggered when the user opens the malicious MIM file using from the windows explorer or from the main interface of the program. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by opening the file.
CVE Link
Exploit Platform
Exploit Type
Product Name