3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
58.7%
A buffer overflow in the command line argument parsing has been
discovered in unzip, the de-archiver for ZIP files, that could lead to
the execution of arbitrary code.
For the old stable distribution (woody) this problem has been fixed in
version 5.50-1woody6.
For the stable distribution (sarge) this problem has been fixed in
version 5.52-1sarge4.
For the unstable distribution (sid) this problem has been fixed in
version 5.52-7.
We recommend that you upgrade your unzip package.
CPE | Name | Operator | Version |
---|---|---|---|
unzip | eq | 5.52-1sarge1 | |
unzip | eq | 5.52-1sarge3 | |
unzip | eq | 5.52-1sarge2 | |
unzip | eq | 5.52-1 |