18 matches found
RHEL 7 : unzip (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution CVE-2018-1000035...
CVE-2014-9913 affecting package unzip for versions less than 6.0-20
CVE-2014-9913 affecting package unzip for versions less than 6.0-20. A patched version of the package is available...
Debian: Security Advisory (DLA-741-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-9913 affecting package unzip for versions less than 6.0-19
CVE-2014-9913 affecting package unzip for versions less than 6.0-19. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2017-0015)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2978-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4672-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : unzip vulnerabilities (USN-4672-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4672-1 advisory. Rene Freingruber discovered that unzip incorrectly handled certain specially crafted password protected ZIP archives. If a user or automated...
CVE-2014-9913 affecting package unzip 6.0-19
CVE-2014-9913 affecting package unzip 6.0-19. A patched version of the package is available...
openSUSE: Security Advisory for unzip (openSUSE-SU-2018:3043-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2018:2978-1)
This update for unzip fixes the following security issues : CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denia...
EulerOS 2.0 SP3 : unzip (EulerOS-SA-2018-1170)
According to the versions of the unzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors...
SUSE SLES11 Security Update : unzip (SUSE-SU-2017:0639-1)
This update for unzip fixes the following issues : - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of...
AZL-35335 CVE-2014-9913 affecting package unzip for versions less than 6.0-20
Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...
CVE-2014-9913
Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...
CVE-2014-9913
CVE-2014-9913 refers to a buffer overflow in Info-Zip UnZip 6.0’s list_files function (list.c) that can crash the application via ZIP compression-method-related inputs. Connected records indicate unzip packages in various distros with patches or newer versions (e.g., Mariner entries noting patche...
Debian DLA-741-1 : unzip security update
'unzip -l' CVE-2014-9913 and 'zipinfo' CVE-2016-9844 were vulnerable to buffer overflows when provided malformed or maliciously-crafted ZIP files. For Debian 7 'Wheezy', these problems have been fixed in version 6.0-8+deb7u6. We recommend that you upgrade your unzip packages. NOTE: Tenable Networ...
DLA-741-1 unzip - security update
Bulletin has no description...