Lucene search
K

173 matches found

Positive Technologies
Positive Technologies
added 2014/12/28 12:0 a.m.3 views

PT-2014-8430 · Info Zip +5 · Unzip +5

Name of the Vulnerable Software and Affected Versions: Info-ZIP UnZip versions 6.0 and earlier Description: A heap-based buffer overflow in the test compr eb function allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. This iss...

7.8CVSS7.7AI score0.30469EPSS
Exploits3References66
OSV
OSV
added 2014/12/28 12:0 a.m.2 views

UBUNTU-CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS7.8AI score0.07448EPSS
Exploits0References4
OSV
OSV
added 2014/12/28 12:0 a.m.2 views

UBUNTU-CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS7.8AI score0.07448EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Info-ZIP UnZip 5.50 Encoded Character Hostile Destination Path Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7550/info Info-ZIP UnZip contains a vulnerability during the handling of pathnames for archived files. Specifically, when certain encoded characters are inserted into '../' directory traversal sequences, the creator of th...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/04/07 12:0 a.m.23 views

Zip Unzip压缩文档解析栈溢出漏洞

Zip Unzip是一款免费的压缩和解压工具。 用户受骗使用Zip Unzip解压了带有超长路径的特制ZIP文件就可以触发栈溢出,导致执行任意代码。 Microviet Zip Unzip 6 厂商补丁: Microviet --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microviet.com/modules/freesoftware/ ?php / Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit Author: mrme -...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/04/03 12:0 a.m.15 views

Zip Unzip 6.0 - .zip Local Stack Buffer Overflow

Zip Unzip 6.0 - .zip Local Stack Buffer Overflow / // local file header $lfheader = "\x50\x4B\x03\x04\x14\x00\x00\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00". "\x00\x00\x00\x00\x00\x00\x00\x00\xe4\x0f\x00\x00\x00"; // central directory file header $cdfh...

1AI score
Exploits0
0day.today
0day.today
added 2010/04/03 12:0 a.m.20 views

Zip Unzip v6 (.zip) 0day stack buffer overflow PoC exploit

Exploit for windows platform in category local exploits ========================================================== Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit ========================================================== ?php / Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2005/12/19 12:0 a.m.17 views

Info-ZIP UnZip 5.x - File Name Buffer Overflow

Info-ZIP UnZip 5.x - File Name Buffer Overflow // source: https://www.securityfocus.com/bid/15968/info Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memo...

0.8AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.32 views

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...

9.3AI score0.0067EPSS
Exploits1References4
CVE
CVE
added 2002/05/03 4:0 a.m.69 views

CVE-2001-1268

CVE-2001-1268 is a directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier that allows overwriting arbitrary files during archive extraction via a .. in the extracted filename. Connected sources confirm the affected product is UnZip up to version 5.42 and earlier, with the basic issu...

2.1CVSS6.5AI score0.0067EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.27 views

CVE-2001-1269

Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...

6.6AI score0.00503EPSS
Exploits1References4
NVD
NVD
added 2001/07/12 4:0 a.m.23 views

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...

2.1CVSS9.3AI score0.0067EPSS
Exploits1References4
security_vulns
security_vulns
added 2001/02/07 12:0 a.m.103 views

Multiple archivers directory traversal and path globbing

Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...

6.9AI score
Exploits0
Rows per page
Query Builder