Public exploit · Metasploit Module

TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability

Published Rocco Calvi

Exploit summary

A stack-based buffer overflow vulnerability in TugZip 3.5 allows arbitrary code execution when a specially crafted zip file is opened. An attacker must convince the target to load the file by double click or file open.

Source & references