Lucene search

K
cvelistRedhatCVELIST:CVE-2014-8139
HistoryJan 31, 2020 - 10:00 p.m.

CVE-2014-8139

2020-01-3122:00:28
redhat
www.cve.org
5

AI Score

8.3

Confidence

High

EPSS

0.007

Percentile

79.6%

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

CNA Affected

[
  {
    "product": "UnZip",
    "vendor": "Info-ZIP",
    "versions": [
      {
        "status": "affected",
        "version": "6.0 and earlier"
      }
    ]
  }
]