What is CVE-2006-5198?

CVE-2006-5198 is a vulnerability in N/a. Published 2006-11-14.

Is CVE-2006-5198 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-5198

The WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 before build 7245 allows remote attackers to execute arbitrary code via unspecified "unsafe methods."

EPSS: 0.689 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.zerodayinitiative.com/advisories/ZDI-06-040.html (x_refsource_MISC)
www.winzip.com/wz7245.htm (x_refsource_CONFIRM)
22891 (x_refsource_SECUNIA, third-party-advisory)
21060 (vdb-entry, x_refsource_BID)
VU#512804 (x_refsource_CERT-VN, third-party-advisory)
1017226 (vdb-entry, x_refsource_SECTRACK)
20061114 ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability (mailing-list, x_refsource_BUGTRAQ)
ADV-2006-4509 (vdb-entry, x_refsource_VUPEN)
MS06-067 (x_refsource_MS, vendor-advisory)
isc.sans.org/diary.php (x_refsource_MISC)

Frequently asked questions

What is CVE-2006-5198?: CVE-2006-5198 is a vulnerability in N/a. Published 2006-11-14.
Is CVE-2006-5198 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.