CVEs-PoC/2020/CVE-2020-24175.md

### [CVE-2020-24175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24175)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling.

### POC

#### Reference
- https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4
- https://illikainen.dev/advisories/014-yz1-izarc

#### Github
No PoCs found on GitHub currently.