258 matches found
FreeBSD : zip -- long path buffer overflow (40549bbf-43b5-11d9-a9e7-0001020eed82)
A HexView security advisory reports : When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding...
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
DEBIAN-CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
security flaw
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...
CVE-2004-1010
CVE-2004-1010 maps to a buffer overflow in Info-Zip zip (v2.3 and possibly earlier) when recursively creating archives with very long pathnames, enabling remote code execution via a crafted ZIP. Connected advisories (Ubuntu USN-18-1, Debian DSA-624-1, Gentoo GLSA 200411-16, FreeBSD/OpenVAS entrie...
Info-Zip buffer overflow
Buffer overflow on oversized path file comperssing...
[Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zip/Linux long path buffer overflow Classification: =============== Level: low-MED-high-crit ID: HEXVIEW200411031 URL: http://www.hexview.com/docs/20041103-1.txt Overview: ========= Zip console application by Info-Zip http://www.info-zip.org is an...
zip -- long path buffer overflow
A HexView security advisory reports: When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding ...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
CVE-2001-1269
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...
CVE-2001-1268
CVE-2001-1268 is a directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier that allows overwriting arbitrary files during archive extraction via a .. in the extracted filename. Connected sources confirm the affected product is UnZip up to version 5.42 and earlier, with the basic issu...
CVE-2001-1269
CVE-2001-1269 affects Info-ZIP UnZip 5.42 and earlier. The vulnerability allows an attacker to overwrite arbitrary files during archive extraction by using filenames that begin with the slash character (/) in the ZIP archive. The issue is rooted in how the extractor handles archive filenames, ena...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
Multiple archivers directory traversal and path globbing
Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...