A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected is WinZip 10.0 (pre build 7245).
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/52165/ZDI-06-040.txt
Source: https://packetstormsecurity.com/files/52165/Zero-Day-Initiative-Advisory-06-040.html