Lucene search

K
cvelistRedhatCVELIST:CVE-2014-8139
HistoryJan 31, 2020 - 10:00 p.m.

CVE-2014-8139

2020-01-3122:00:28
redhat
www.cve.org

8.3 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

CNA Affected

[
  {
    "product": "UnZip",
    "vendor": "Info-ZIP",
    "versions": [
      {
        "status": "affected",
        "version": "6.0 and earlier"
      }
    ]
  }
]