AZL-6934 CVE-2014-8140 affecting package unzip for versions less than 6.0-19

Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

Info-ZIP UnZip Out-of-Bounds Write Heap Buffer Overflow Vulnerability

unzip is a tool for decompressing the .zip file format under Unix. Info-ZIP The UnZip testcompreb function is vulnerable to an out-of-bounds write heap buffer overflow that allows attackers to construct malicious files that can be tricked into parsing by the user, crashing the application...