Vulnerability Name: PicoZip "zipinfo.dll" Multiple Archives BufferOverflow Risk Level: Medium CVE: CVE-2006-2909 CVSS Base Score: 7.5/10 Description of Vulnerability: The vulnerability is caused due to a boundary error within the "zipinfo.dll" info tip shell extension when reading a ACE, RAR, or ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when the user moves the mouse cursor over a malicious archive either in Windows Explorer or from any program that uses the file-open dialog box. Successful exploitation allows arbitrary code execution. Solution: Update to version 4.02. http://www.picozip.com/downloads.html Affected Software: PicoZip version 4.01. Prior versions may also be affected. Severity: Moderately Critical. Impact: System Access. Where: Remote. Discovery Credit: Discovered by Tan Chew Keong, Secunia Research. References: The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2006-2909 for the vulnerability. http://www.picozip.com/changelog.html Verification: Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2006-42/advisory/