MiracleLinux 8 : unzip-6.0-43.el8 (AXSA:2020-297:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-297:02 advisory. unzip: overlapping of files in ZIP container leads to denial of service CVE-2019-13232 Tenable has extracted the preceding description block directly from the...

EUVD-2019-4743

Malware in sbrugna...

RHEL 5 : unzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution CVE-2018-1000035...

CVE-2020-25237

A vulnerability has been identified in SINEC NMS All versions V1.0 SP1 Update 1, SINEMA Server All versions V14.0 SP2 Update 2. When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within th...

NewStart CGSL CORE 5.05 / MAIN 5.05 : unzip Vulnerability (NS-SA-2020-0098)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has unzip packages installed that are affected by a vulnerability: - Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a better zip bomb issue...

RHEL 8 : unzip (RHSA-2020:1787)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1787 advisory. The unzip utility is used to list, test, and extract files from zip archives. Security Fixes: unzip: overlapping of files in ZIP container leads to...

Amazon Linux 2 : unzip (ALAS-2020-1550)

The version of unzip installed on the remote host is prior to 6.0-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1550 advisory. Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka ...

Low: unzip

Issue Overview: Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue. CVE-2019-13232 Affected Packages: unzip Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...

unzip: overlapping of files in ZIP container leads to denial of service

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

MS Office 2007: Digital Signature does not protect Meta-Data

Affects: Microsoft Office 2007 12.0.6015.5000 MSO 12.0.6017.5000 possibly older versions I. Background Microsoft Office is a suite containing several programs to handle Office documents like text documents or spreadsheets. The latest version uses an XML based document format. Microsoft Office...