Lucene search
+L

258 matches found

OSV
OSV
added 2019/07/04 1:15 p.m.5 views

UBUNTU-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

7.5CVSS6.7AI score0.00495EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/07/04 12:3 p.m.21 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.9AI score0.00495EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2019/07/04 12:3 p.m.45 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS4.2AI score0.00495EPSS
Exploits0
CVE
CVE
added 2019/07/04 12:3 p.m.356 views

CVE-2019-13232

Info-ZIP UnZip 6.0 vulnerability CVE-2019-13232: overlapping file entries in a ZIP container can cause denial of service (resource consumption). Concrete details across connected docs show affected unzip versions (e.g., 6.0 and prior) and that multiple distributions released updates to mitigate b...

3.3CVSS3.8AI score0.00495EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2019/07/04 12:3 p.m.44 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS5.7AI score0.00495EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/07/02 12:0 a.m.3 views

PT-2019-5050 · Info Zip +4 · Info-Zip Unzip +4

Name of the Vulnerable Software and Affected Versions: Info-ZIP UnZip version 6.0 Description: The issue is related to the mishandling of overlapping files inside a ZIP container, which can lead to denial of service due to resource consumption, also known as a "better zip bomb" issue. Additionall...

7.8CVSS5.5AI score0.30469EPSS
Exploits5References66
Tenable Nessus
Tenable Nessus
added 2019/05/30 12:0 a.m.18 views

EulerOS Virtualization for ARM 64 3.0.2.0 : unzip (EulerOS-SA-2019-1627)

According to the version of the unzip package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-si...

5.5CVSS6.2AI score0.02586EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.33 views

EulerOS Virtualization 3.0.1.0 : unzip (EulerOS-SA-2019-1467)

According to the version of the unzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value an...

5.5CVSS6.4AI score0.02586EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2018/12/20 12:0 a.m.7 views

The vulnerability of the list.c file in the Info-ZIP UnZip compressor allows a hacker to execute arbitrary code.

The vulnerability of the list.c file in the Info-ZIP UnZip compressor arises due to an overflow in the memory buffer. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

5.5CVSS6.5AI score0.02586EPSS
Exploits1References7Affected Software2
RedhatCVE
RedhatCVE
added 2018/10/25 10:50 a.m.25 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.5CVSS2.7AI score0.02586EPSS
Exploits1References2
NVD
NVD
added 2018/10/16 4:50 p.m.16 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.5CVSS5.8AI score0.02586EPSS
Exploits1References4
Prion
Prion
added 2018/10/16 4:50 p.m.23 views

Buffer overflow

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

4.3CVSS5.7AI score0.02586EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2018/10/16 4:50 p.m.28 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.5CVSS6.6AI score0.02586EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2018/10/16 3:0 p.m.34 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.5CVSS6.2AI score0.02586EPSS
Exploits1
Cvelist
Cvelist
added 2018/10/16 3:0 p.m.26 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.1AI score0.02586EPSS
Exploits1References4
CVE
CVE
added 2018/10/16 3:0 p.m.264 views

CVE-2018-18384

CVE-2018-18384 affects Info-ZIP UnZip 6.0. The vulnerability is a buffer overflow in list.c caused by a mismatch between a crafted compressed-size/uncompressed-size relationship and an insufficient buffer (size 10 instead of 12). For some distributions, patched packages exist (e.g., unzip 6.0-20 ...

5.5CVSS5AI score0.02586EPSS
Exploits1References4Affected Software1
AlpineLinux
AlpineLinux
added 2018/10/16 3:0 p.m.54 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12...

5.5CVSS5.4AI score0.02586EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/07/06 7:29 p.m.36 views

CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

9.8CVSS7.5AI score0.03977EPSS
Exploits0References3
NVD
NVD
added 2018/07/06 7:29 p.m.14 views

CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

9.8CVSS10AI score0.03977EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2018/07/06 7:29 p.m.84 views

CVE-2018-13410

DISPUTED Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in whi...

9.8CVSS6.6AI score0.03977EPSS
Exploits0
Rows per page
Query Builder