14 matches found
CBL Mariner 2.0 Security Update: unzip (CVE-2014-8139)
The version of unzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2014-8139 advisory. - Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers...
RHEL 5 : unzip (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution CVE-2018-1000035...
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Heap overflow
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Mandriva Linux Security Advisory : unzip (MDVSA-2015:123)
Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...
Fedora 20 : unzip-6.0-17.fc20 (2015-1993)
Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread 1174844 - Fix CVE-2014-8140 - out-of-bounds write issue in testcompreb 1174851 - Fix CVE-2014-8141 - getZip64Data out-of-bounds read issues 1174856 - Fix buffer overflow on long file sizes 1191136 - CVE-2014-9636 unzip:...
Fedora 21 : unzip-6.0-20.fc21 (2015-2035)
Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread 1174844 - Fix CVE-2014-8140 - out-of-bounds write issue in testcompreb 1174851 - Fix CVE-2014-8141 - getZip64Data out-of-bounds read issues 1174856 - Fix buffer overflow on long file sizes 1191136 - CVE-2014-9636 unzip:...
Mandriva Linux Security Advisory : unzip (MDVSA-2015:016)
Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...
Debian DSA-3113-1 : unzip - security update
Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function CVE-2014-8139 , the testcompreb function CVE-2014-8140 and the getZip64Data function...
[SECURITY] [DLA 124-1] unzip security update
Package : unzip Version : 6.0-4+deb6u1 CVE ID : CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Debian Bug : 773722 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the...
DSA-3113-1 unzip - security update
Bulletin has no description...