173 matches found
PT-2014-8430 · Info Zip +5 · Unzip +5
Name of the Vulnerable Software and Affected Versions: Info-ZIP UnZip versions 6.0 and earlier Description: A heap-based buffer overflow in the test compr eb function allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. This iss...
UBUNTU-CVE-2014-8141
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
UBUNTU-CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Info-ZIP UnZip 5.50 Encoded Character Hostile Destination Path Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7550/info Info-ZIP UnZip contains a vulnerability during the handling of pathnames for archived files. Specifically, when certain encoded characters are inserted into '../' directory traversal sequences, the creator of th...
Zip Unzip压缩文档解析栈溢出漏洞
Zip Unzip是一款免费的压缩和解压工具。 用户受骗使用Zip Unzip解压了带有超长路径的特制ZIP文件就可以触发栈溢出,导致执行任意代码。 Microviet Zip Unzip 6 厂商补丁: Microviet --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microviet.com/modules/freesoftware/ ?php / Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit Author: mrme -...
Zip Unzip 6.0 - .zip Local Stack Buffer Overflow
Zip Unzip 6.0 - .zip Local Stack Buffer Overflow / // local file header $lfheader = "\x50\x4B\x03\x04\x14\x00\x00\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00". "\x00\x00\x00\x00\x00\x00\x00\x00\xe4\x0f\x00\x00\x00"; // central directory file header $cdfh...
Zip Unzip v6 (.zip) 0day stack buffer overflow PoC exploit
Exploit for windows platform in category local exploits ========================================================== Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit ========================================================== ?php / Zip Unzip v6 .zip 0day stack buffer overflow PoC exploit...
Info-ZIP UnZip 5.x - File Name Buffer Overflow
Info-ZIP UnZip 5.x - File Name Buffer Overflow // source: https://www.securityfocus.com/bid/15968/info Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memo...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
CVE-2001-1268
CVE-2001-1268 is a directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier that allows overwriting arbitrary files during archive extraction via a .. in the extracted filename. Connected sources confirm the affected product is UnZip up to version 5.42 and earlier, with the basic issu...
CVE-2001-1269
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...
Multiple archivers directory traversal and path globbing
Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...