Lucene search

K
nvd[email protected]NVD:CVE-2015-7697
HistoryNov 06, 2015 - 6:59 p.m.

CVE-2015-7697

2015-11-0618:59:05
CWE-399
web.nvd.nist.gov
11
info-zip unzip 6.0
remote attackers
denial of service
bzip2
zip archive

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.3

Confidence

High

EPSS

0.044

Percentile

92.4%

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
OR
canonicalubuntu_linuxMatch15.10
OR
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
Node
unzip_projectunzipMatch6.0
VendorProductVersionCPE
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux15.04cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
canonicalubuntu_linux15.10cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
unzip_projectunzip6.0cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.3

Confidence

High

EPSS

0.044

Percentile

92.4%