SUSE CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

...

AZL-6935 CVE-2014-8141 affecting package unzip for versions less than 6.0-19

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

AZL-35333 CVE-2014-8141 affecting package unzip for versions less than 6.0-20

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

ALPINE-CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

Mandriva Linux Security Advisory : unzip (MDVSA-2015:123)

Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...

Fedora 21 : unzip-6.0-20.fc21 (2015-2035)

Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread 1174844 - Fix CVE-2014-8140 - out-of-bounds write issue in testcompreb 1174851 - Fix CVE-2014-8141 - getZip64Data out-of-bounds read issues 1174856 - Fix buffer overflow on long file sizes 1191136 - CVE-2014-9636 unzip:...

openSUSE Security Update : unzip (openSUSE-2015-119)

unzip was updated to fix security issues. The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data functions CVE-2014-8141. The input errors may result in in arbitrary code execution. Mor...

unzip: arbitrary code execution

CVE-2014-8139 heap buffer overflow A heap-based buffer overflow exists in the CRC32 verification that allows attackers to potentially execute arbitrary code or cause a denial of service memory corruption. - CVE-2014-8140 out-of-bounds read/write Out-of-bounds access both read and write issues...

Mandriva Linux Security Advisory : unzip (MDVSA-2015:016)

Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...

Debian DSA-3113-1 : unzip - security update

Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function CVE-2014-8139 , the testcompreb function CVE-2014-8140 and the getZip64Data function...

[SECURITY] [DLA 124-1] unzip security update

Package : unzip Version : 6.0-4+deb6u1 CVE ID : CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Debian Bug : 773722 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the...

DSA-3113-1 unzip - security update

Bulletin has no description...