### [CVE-2007-6537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6537)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image.

### POC

#### Reference
- http://aluigi.altervista.org/adv/winuaebof-adv.txt
- http://aluigi.org/poc/winuaebof.zip

#### Github
No PoCs found on GitHub currently.