Advisory ROSA-SA-2024-2472

software: zip 3.0 WASP: ROSA-CHROME packageevrstring: zip-3.0-15 CVE-ID: CVE-2018-13410 BDU-ID: 2021-03766 CVE-Crit: HIGH CVE-DESC.: A vulnerability in zip file compression software is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker...

Huawei EulerOS: Security Advisory for zip (EulerOS-SA-2019-2059)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : zip (EulerOS-SA-2019-1876)

According to the version of the zip package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash o...

CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

CVE-2018-13410

DISPUTED Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in whi...

DEBIAN-CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

Info-Zip Zip 3.0-11 Crash

Hello, I found info-zip's zip command's crash. This vulnerability is occured by off by one. I don't use the malformed file for crash. just command. And if 'zip' binary is added to function, it can be exploitable vulnerability I think. Environment OS : Ubuntu 16.04.3 LTS Kernel : Linux ubuntu...