unzip: free() called for uninitialized or already freed pointer

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...

AZL-35330 CVE-2008-0888 affecting package unzip for versions less than 6.0-20

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...

CVE-2008-0888

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...

EUVD-2008-0895

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...