CVE-2025-46652
- EPSS 0.19%
- Veröffentlicht 26.04.2025 00:00:00
- Zuletzt bearbeitet 24.10.2025 20:16:19
In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files. NOTE: this is disputed because Mark-o...
CVE-2014-2720
- EPSS 2.01%
- Veröffentlicht 27.05.2014 11:15:39
- Zuletzt bearbeitet 12.04.2025 10:46:40
IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but launches this file on the basis of a ZIP archive's local file header, which allows user-assisted remote attackers to conduct file-extension spoofing attac...
CVE-2010-5235
- EPSS 0.06%
- Veröffentlicht 07.09.2012 10:32:19
- Zuletzt bearbeitet 11.04.2025 00:51:21
Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows local users to gain privileges via a Trojan horse ztv7z.dll file in the current working directory, as demonstrated by a directory that contains a .arj file. NOTE: some of these detai...