CVE-2006-3890 Information

Description

Stack-based buffer overflow in the Sky Software FileView ActiveX control as used in WinZip 10 before build 7245 and in certain other applications allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object a different vulnerability than CVE-2006-5198.

Reference

http://secunia.com/advisories/22891 http://www.kb.cert.org/vuls/id/225217 http://www.securityfocus.com/archive/1/451566/100/0/threaded http://www.securityfocus.com/bid/21060 http://www.securityfocus.com/bid/21108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067 https://www.exploit-db.com/exploits/2785