Retraction of "Antivirus and Endpoint Detection and Response Archive Scanning Engines may not properly scan malformed ZIP archives"

Overview Malformed ZIP headers can be used to obfuscate malicious content in ZIP files from antivirus detection tools. Despite the presence of malformed headers, custom extraction software can decompress the ZIP archive, allowing potentially malicious payloads to be recovered after successful...

EUVD-2025-34608

In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...

EUVD-2016-10644

Malware in sbrugna...

SUSE CVE-2014-9913

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

SUSE CVE-2016-9844

Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a large compression method value in the central directory file header...

Important: unzip

Issue Overview: Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service infinite loop via empty bzip2 data in a ZIP archive. CVE-2015-7697 Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a...

Buffer Overflow

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.

...

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

CVE-2020-9342

Summary: CVE-2020-9342 affects the F-Secure AV parsing engine prior to 2020-02-05, enabling a virus-detection bypass via crafted Compression Method data in a GZIP archive. Affected products/versions include Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper on Lin...

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

AZL-35338 CVE-2016-9844 affecting package unzip for versions less than 6.0-20

Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a large compression method value in the central directory file header...

ALPINE-CVE-2016-9844

Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a large compression method value in the central directory file header...

DEBIAN-CVE-2016-9844

Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a large compression method value in the central directory file header...

AZL-6940 CVE-2016-9844 affecting package unzip for versions less than 6.0-19

Buffer overflow in the zishort function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via a large compression method value in the central directory file header...

AZL-35335 CVE-2014-9913 affecting package unzip for versions less than 6.0-20

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

AZL-6937 CVE-2014-9913 affecting package unzip for versions less than 6.0-19

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

CVE-2014-9913

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

Buffer overflow

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

ALPINE-CVE-2014-9913

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...