Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
[
{
"product": "UnZip",
"vendor": "Info-ZIP",
"versions": [
{
"status": "affected",
"version": "6.0 and earlier"
}
]
}
]