173 matches found
CVE-2014-8140
Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Heap overflow
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Heap overflow
Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8141
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8141
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-2677)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-1627)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-5196
Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download or unzip and upload files. There are multiple ways to bypass certain...
Amazon Linux 2 : unzip (ALAS-2019-1355)
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 C Tenable Network Security, Inc. The descriptive text and packag...
Low: unzip
Issue Overview: Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 Affected Packages: unzip Note: This advisory is...
NewStart CGSL CORE 5.04 / MAIN 5.04 : unzip Vulnerability (NS-SA-2019-0192)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unzip packages installed that are affected by a vulnerability: - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...
Info-ZIP UnZip Denial of Service Vulnerability (CNVD-2019-21440)
Info-ZIP UnZip is the United States Greg Roelofs software developers of a set of Unix-based platform for the ".zip" file format for decompression tools. A security vulnerability exists in Info-ZIP UnZip version 6.0. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
DEBIAN-CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
ALPINE-CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
UBUNTU-CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...
PT-2019-5050 · Info Zip +4 · Info-Zip Unzip +4
Name of the Vulnerable Software and Affected Versions: Info-ZIP UnZip version 6.0 Description: The issue is related to the mishandling of overlapping files inside a ZIP container, which can lead to denial of service due to resource consumption, also known as a "better zip bomb" issue. Additionall...