7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.046 Low
EPSS
Percentile
92.4%
Software: unzip 6.0
OS: Cobalt 7.9
CVE-ID: CVE-2014-9913
CVE-Crit: MEDIUM
CVE-DESC: Buffer overflow in list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (failure) using vectors associated with the compression method.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-7696
CVE-Crit: CRITICAL
CVE-DESC: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code through a password-protected ZIP archive created, possibly associated with Extra- Field Size Value.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-7697
CVE-Crit: CRITICAL
CVE-DESC: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) by using empty bzip2 data in a ZIP archive.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9844
CVE-Crit: MEDIUM
CVE-DESC: Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (failure) by using a large compression method value in the central directory file header.
CVE-STATUS: default
CVE-REV: Default
CVE-ID: CVE-2018-1000035
CVE-Crit: HIGH
CVE-DESC: A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 when processing password-protected archives, allowing an attacker to perform a denial of service or possibly achieve code execution.
CVE-STATUS: default
CVE-REV: default
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.046 Low
EPSS
Percentile
92.4%