CVE-2003-1376 — MEDIUM severity vulnerability (WinZip 8.0 uses weak random number generation for password p)
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
| CVE ID | CVE-2003-1376 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 4.6 |
| CVSS vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| CWE | CWE-255 |
| Status | Modified |
| Published | 2003-12-31 |
| Last modified | 2026-04-16 |
| Description | WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →