How severe is CVE-2024-8811?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2024-8811?

This is classified as CWE-693, which is a common weakness in software security.

CVE-2024-8811 - HIGH Severity | CVSS 7.8

Vulnerability Description

WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-23983.

Related Vulnerabilities

CVE-2017-6261

HIGH

CVSS:7.8(High)

NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosu...

CWE-6932017

CVE-2018-11459

HIGH

CVSS:7.8(High)

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions <...

CWE-6932018

CVE-2018-11460

HIGH

CVSS:7.8(High)

CWE-6932018

CVE-2018-9312

HIGH

CVSS:7.8(High)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB de...

CWE-6932018

CVE-2018-9320

HIGH

CVSS:7.8(High)

CWE-6932018

CVE-2018-9322

HIGH

CVSS:7.8(High)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the ...

CWE-6932018