CVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

CVE-2025-15649

CVE-2025-15649 affects IO::Uncompress::Unzip in Perl, with the vulnerability present in versions before 2.215. The issue arises when parsing a ZIP header with a malformed DOS date, where _dosToUnixTime() decodes the local-file-header date and calls Time::Local::timelocal() without an eval guard, ...

EUVD-2002-1034

Malware in sbrugna...

FreeBSD : shibboleth-sp -- crashes on malformed date/time content (4f8665d0-0465-11e9-b77a-6cc21735f730)

The Shibboleth Consortium reports : SAML messages, assertions, and metadata all commonly contain date/time information in a standard XML format. Invalid formatted data in such fields cause an exception of a type that was not handled properly in the V3 software and causes a crash usually to the...

CVE-2002-1045

Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service crash via a malformed Date field that is converted into a year greater than 2037...

CVE-2002-1045

Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service crash via a malformed Date field that is converted into a year greater than 2037...