Published:2011/06/29  Last Updated:2011/06/30

ALZip vulnerable to buffer overflow


ALZip provided by ESTsoft Japan Corp. contains a buffer overflow vulnerability.

Products Affected

  • ALZip v8.21 and earlier
According to the developer, copies of version 8.21 that were downloaded prior to June 29, 2011 are affected by this issue.


ALZip is a file compression/extraction software from ESTsoft Japan Corp. ALZip contains a buffer overflow vulnerability due to improper handling of mim files.


When opening a specially crafted file, arbitrary code may be executed.


Re-install the software
Download ALZip 8.21 after June 29, 2011 12:00 (JST) from the developer's website, and then re-install it.

According to the developer, "Automatic updates will not be provided since the version number did not change".
In the fixed version, the Readme file contains a statement, "A fix for a issue when unpacking a specific file type"

Vendor Status

Vendor Status Last Update Vendor Notes
ESTsoft Corp. vulnerable 2011/06/29


  1. IPA
    Security Alert for ALZip Vulnerability

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2011.06.29

Measures Conditions Severity
Access Required can be attacked over the Internet using packets
  • High
Authentication anonymous or no authentication (IP addresses do not count)
  • High
User Interaction Required the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file
  • Mid
Exploit Complexity some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Mid-High

Description of each analysis measures


Takahiko Funakubo of Fourteenforty Research Institute, Inc reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.

Other Information

JPCERT Reports
CERT Advisory
CPNI Advisory
CVE CVE-2011-1336
JVN iPedia JVNDB-2011-000048

Update History

Information under the sections "References" were modified.