GetRight Skin File (*.grs) Buffer Overflow May Let Remote Users Run Arbitrary Code Application: GetRight Headlight Software www.getright.com Author: ATmaCA a remote user can create a malicious skin file (*.grs) that, when loaded by the target user, will trigger a buffer overflow in DUNZIP32.DLL (4.0.0.3) and potentially execute arbitrary code. AFFECTED VERSION: Versions verified to be vulnerable: GetRight 5.2a and prior versions are affected. Solutions: There was no response. Exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/677.grs (c_skin.grs) When you copy or click this link, getright automaticly download and try to load crafted skin and will trigger buffer overflow # milw0rm.com [2004-12-06]