Security Bulletin: TADDM affected by vulnerabilities in UnZip.

Summary UnZip.exe is used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2021-4217, CVE-2022-0529, CVE-2022-0530 Publicly disclosed vulnerabilities Vulnerability Details CVEID:CVE-2021-4217 DESCRIPTION: Info-ZIP UnZip could allow a remote attacker to execute...

USN-4672-1: unzip vulnerabilities

Rene Freingruber discovered that unzip incorrectly handled certain specially crafted password protected ZIP archives. If a user or automated system using unzip were tricked into opening a specially crafted zip file, an attacker could exploit this to cause a crash, resulting in a denial of service...

Security Bulletin: Multiple vulnerabilities in unzip affect IBM Flex System Manager (FSM)

Summary Multiple vulnerabilities have been identified in unzip that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-9844 DESCRIPTION: Info-Zip UnZip is vulnerable to a denial of service, caused by buffer overflow in zishort function in...

Security Bulletin: Multiple Unzip vulnerabilities affect PowerKVM (Multiple CVEs)

Summary PowerKVM is affected by several vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer overflow, caused by improper bounds checking within the CRC32 verification. A lo CVSS Base Score: 4.4 CVSS Temporal Score...

unzip security vulneravilities

DoS, code execution...

Ubuntu 14.04 LTS : unzip vulnerabilities (USN-2788-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2788-1 advisory. Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing ...

F5 Networks BIG-IP : Multiple unzip vulnerabilities (SOL16480)

A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. C Tenable Network Security, Inc. The descriptive text and package check...

SOL16480 - Multiple unzip vulnerabilities CVE-2014-8139, CVE-2014-8140, and CVE-2014-8141

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

Ubuntu 14.04 LTS : unzip vulnerabilities (USN-2472-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2472-1 advisory. Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a...

Moderate: Red Hat Security Advisory: : : : Updated unzip and tar packages that fix vulnerabilities are now available

Updated unzip and tar packages are available for IBM iSeries and pSeries systems. These packages resolve vulnerabilities allowing arbitrary files to be overwritten during archive extraction. The unzip and tar utilities are used for manipulating archives, which are multiple files stored inside of ...