This patch addresses two vulnerabilities. An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. When this program tries to open a file that has a specially malformed file name that is contained in a zipped file, Windows Explorer may fail, or an attacker may be able to run any code. This behavior creates a security vulnerability.
The second vulnerability is that the decompression function may put a file in a folder that is different from, or that is a child of, the target folder that is specified by the user as the location where the decompressed ZIP files are put. This behavior may allow an attacker to put a file in a known location on the user's computer; for example, an attacker may put a program in a Startup folder.
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
Generico Sample Smart Client Application This application extends the Generico Sample application specification produced by the Middleware Company on their SOABlueprints Website. The extensions involve a smart client application and device (PPC and SmartPhone) interfaces for the Generico applicat
Microsoft Windows 2000 Server Update: Terminal Services This update includes two "Terminal Services Licensing Enhancements" for Windows 2000, and is discussed in Microsoft Knowledge Base (KB) Article Q287687. Download now to improve the way Windows 2000 handles Terminal Services (TS) Client Access License (CAL)
Update for Outlook 2007 Junk E-mail Filter (KB924884) Update for Outlook 2007 Junk E-mail Filter (KB924884) provides the Junk E-mail Filter in Microsoft Office Outlook 2007 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in February 2007. This
Platform SDK Redistributable: HTML Help Platform SDK Redistributable: HTML Help contains the redistributable files for HTML Help version 1.3. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on CNET Download.com.Requirements:Win
Microsoft Outlook 2000 Collaboration Data Objects (CDO) The Outlook 2000 Collaboration Data Objects (CDO) Security Update provides a higher level of security against most viruses, such as the ILOVEYOU and Melissa viruses, as well as other viruses that spread themselves through e-mail.Requirements:Windows NT 4 S
Rule COM Component The Rule COM component provides a scriptable (ActiveX) set of objects that can be used to manage a Microsoft Exchange 5.5 Information Store folder's rules using a CDO 1.2.1 Folder object. Microsoft Exchange 5.5 folder rules are stored in the Exchange Store
Corner9904 Code sample tying together Extensible Markup Language (XML), Extensible Stylesheet Language (XSL), JScript, and cascading style sheets (CSS) to create a hierarchical Dynamic HTML (DHTML) Table of Contents (TOC). This version is the first release on CNET Do
Windows CE Platform Builder 2.12 QFE 16 Fixes made in this QFE:Components: SCHANNELDescription: Verisign changed their hashing algorithm from MD-5 to SHA1. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on CNET Download.com.Re
Application Center 2000 - List Events Tool Use this tool to listen to Application Center, Windows, and Health Monitor events and display them in a similar format to the Application Center event viewer in the Application Center snap-in. This version is the first release on CNET Download.com.What is
USB Flash Security Add encryption to USB Flash Drive on the market.
It locks by the password by only removing!
Data in a USB Flash Drive is protected by a password.Useful Security Tool.
[Install on USB Flash Drive]
Install the tool which is for unlocking se
PDF Password Remover Free This is a very simple and fast freeware utility that allows you to remove protection from pdf files. This program will be especially useful in cases where you remove pdf password is needed, but the computer no tools to work with a pdf file. This tool allow
Lockit Protecting your PC from unwanted use can be tricky, time consuming, or inconvenient. Lockit provides you with a simple, secure and fast way to do this. Just set a password, click 'Lock' and your computer and all the applications on it are then protected fr
VIF - Very Important Files Your business is very important, your data is secret Your projects costs you a lot of time and effort How to protect it? Credit cards data - Banks accounts, passwords, videos, docs, folders,!!! How to secure it? Very Important Files VIF Software protect th
Remora USB File Guard Pro Remora USB File Guard Pro is designed to encrypt, compress, and auto back up files in your USB storage devices. With Remora USB File Guard Pro, you can secure all your files and store them in USB disk anytime and anywhere using strong AES 256-bit encryptio
Digital-Fever Hash Computer Universal Hash Computer Tool. This tool can calculate MD5, MD2, SHA1 hashes of very large files in seconds. Very useful tool for Security Experts, Penetration Testers, Password Forensic Experts and other professionals in the field of Cyber Security. With a
EstegoProteccion "EstegoProteccion" is a program perfoming steganographic manipulation to hide the information into JPEG picture with additional encryption.
It uses the modern steganographic algorithms like F5 and LSB that hide your information directly inside the image,
BeSafe BeSafe Secure Drive it's a encrypted storage based drive. It's very simple in use where encryption is automatic, real-time (on-the-fly) and transparent. Technology used in our product like parallelization and pipelining allow data to be read and written as
AkeeSoft Password Recovery AkeeSoft Password Recovery is a utility that helps the user to display server names, user logins and passwords for all e-mail and newsgroups accounts stored by Outlook Express and Outlook as well as Identity passwords.Requirements:Windows 95/98/Me/NT/2000/
Asterisk Recovery Genie Asterisk Recovery Genie is a password recovery tool for windows. Asterisk Recovery Genie reveals passwords hidden by asterisks (***) in all windows version (including 98, 2000 and XP). You can use it to recover lost or forgotten passwords in most windows a
Supported Operating Systems:
Windows XP |
Comments on Windows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch:
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10