Lucene search
Arch LinuxASA-201503-9HistoryMar 15, 2015 - 12:00 a.m.
unzip: arbitrary code execution
2015-03-1500:00:00
Arch Linux
lists.archlinux.org
25
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.259 Low
EPSS
Percentile
96.2%
A buffer overflow (out-of-bounds read or write) in test_compr_eb() in
extract.c was found in the way unzip handled an extra field with an
uncompressed size smaller than the compressed field size in a zip
archive that advertises STORED method compression. A specially crafted
Zip archive could cause unzip to crash or, possibly, execute arbitrary code.
Related
nessus
nessus
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2015:0355-1)
2015-05-20 00:00:00
Fedora 21 : unzip-6.0-18.fc21 (2015-1189)
2015-01-29 00:00:00
Ubuntu 14.04 LTS : unzip vulnerability (USN-2489-1)
2015-02-04 00:00:00
alpinelinux
alpinelinux
CVE-2014-9636
2015-02-06 15:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0355-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2489-1)
2022-08-26 00:00:00
Fedora Update for unzip FEDORA-2015-1189
2015-01-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2014-9636 affecting package unzip 6.0-20
2024-03-19 17:21:46
CVE-2014-9636 affecting package unzip 6.0-20
2022-04-09 06:51:51
CVE-2014-9636 affecting package unzip 6.0-19
2020-10-08 18:09:51
cve
cve
CVE-2014-9636
2015-02-06 15:59:00
ubuntu
ubuntu
unzip vulnerability
2015-02-03 00:00:00
prion
prion
Out-of-bounds
2015-02-06 15:59:00
fedora
fedora
[SECURITY] Fedora 20 Update: unzip-6.0-15.fc20
2015-01-30 04:35:06
[SECURITY] Fedora 21 Update: unzip-6.0-18.fc21
2015-01-28 19:58:39
[SECURITY] Fedora 20 Update: unzip-6.0-17.fc20
2015-02-23 23:25:28
ubuntucve
ubuntucve
CVE-2014-9636
2014-12-31 00:00:00
freebsd
freebsd
unzip -- out of boundary access issues in test_compr_eb
2014-11-02 00:00:00
debiancve
debiancve
CVE-2014-9636
2015-02-06 15:59:00
checkpoint_advisories
checkpoint_advisories
Unzip Extra Field Uncompressed Size Buffer Overflow (CVE-2014-9636)
2015-04-20 00:00:00
debian
debian
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
[SECURITY] [DLA 150-1] unzip security update
2015-02-07 13:51:00
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
securityvulns
securityvulns
[SECURITY] [DSA 3152-1] unzip security update
2015-02-11 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
suse
suse
Security update for unzip (moderate)
2018-07-07 03:08:17
Security update for unzip (moderate)
2018-10-05 21:18:21
osv
osv
unzip - security update
2015-02-07 00:00:00
ibm
ibm
oraclelinux
oraclelinux
unzip security update
2015-03-18 00:00:00
gentoo
gentoo
UnZip: Multiple vulnerabilities
2016-11-01 00:00:00
redhat
redhat
(RHSA-2015:0700) Moderate: unzip security update
2015-03-18 00:00:00
amazon
amazon
Medium: unzip
2015-04-15 21:48:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:42
centos
centos
unzip security update
2015-03-18 18:53:06
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.259 Low
EPSS
Percentile
96.2%
Related for ASA-201503-9