Credit: Snyk Security team
This was a directory transversal attack in zip files. This vulnerability got some air time by threatpost, zdnet, slashdot and friends. It had its own webpage, name, and logo. But in the end it was just another directory transversal attack as described in phrack back in 1991. Perhaps this exploit was actually a deep lesson in how security hasn’t improved in twenty years. Doubt it.
Plus everyone knows real exploits need to massage the heap and use return oriented programming.