2 matches found
CVE-2011-10016
CVE-2011-10016 affects Real Networks Netzip Classic 7.5.1.86. A stack-based buffer overflow occurs while parsing a specially crafted ZIP archive, triggered by a file name exceeding the expected buffer size. Exploitation allows arbitrary code execution under the victim user's context when the ZIP ...
CVE-2020-23171
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...