A little more info. From TruSecure.

Vulnerability Description:
WinZip 9.0 and prior contains multiple security issues that may allow a remote attacker to cause a buffer overflow and possibly execute arbitrary code.
The first issue is due to improper validation of command line arguments. A local attacker could submit a specially crafted command line argument to overflow a buffer and possibly execute arbitrary code.
The second issue is due to a remotely exploitable buffer. It is currently unknown how an attacker can exploit this issue to overflow the buffer and what impact it would have on the affected system.

Impact:
The impact of this issue is currently unknown. It is likely that a successful exploit would lead to denial of service conditions or arbitrary code execution.

Safeguards:
Administrators are advised to apply the patch provided by WinZip.
Users are advised to not open archives from untrusted sources.
Administrators are advised to restrict local access to trusted users.

Product Sets:
The security vulnerability applies to the following combinations of products.
Primary Products:WinZip Computing, Inc. WinZip 6.2 | 7.0 | 8.0 | 8.1 Base, SR1 | 9.0