Slashdot Mirror

← Back to Stories (view on slashdot.org)

StuffIt 6.5.x and Earlier Allows Buffer Overflow

Posted by pudge on Wednesday October 2, 2002 @02:19PM from the security-good-overflow-bad dept.

A user writes in that Aladdin Systems has announced that StuffIt, versions 6.5.x and earlier for Mac OS and Mac OS X, "may contain a flaw that would cause expanding certain maliciously crafted .zip archives to execute unwanted instructions or code." Aladdin notes that no such "trojan horses" have been reported. StuffIt Expander 7.0 is, as with previous versions, free to download and use.

1 of 62 comments (clear)

Min score:

Reason:

Sort:

Re:Is this really a problem? by galaxy300 · 2002-10-02 15:13 · Score: 2, Insightful

Sometimes people do need to transfer files from PC to Mac, and often Zip is the only compression scheme available to those PC users.

--
seriouslyexcited.net