Unzip Security Vulnerabilities and Issues — Unzip CVE List

Lucene search

Info-zipUnzip

6 matches found

CVE•added 2020/01/31 11:15 p.m.•289 views

CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

7.8CVSS8.2AI score0.09912EPSS

CVE•added 2020/01/31 10:15 p.m.•278 views

CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

7.8CVSS8.3AI score0.09912EPSS

CVE•added 2020/01/31 10:15 p.m.•277 views

CVE-2014-8140

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

7.8CVSS8.2AI score0.09912EPSS

CVE•added 2015/02/23 5:59 p.m.•74 views

CVE-2015-1315

Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.

7.5CVSS9.3AI score0.1061EPSS

CVE•added 2018/02/09 11:29 p.m.•46 views

CVE-2018-1000032

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

7.8CVSS7.9AI score0.00513EPSS

CVE•added 2018/02/09 11:29 p.m.•43 views

CVE-2018-1000031

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

7.8CVSS7.9AI score0.00513EPSS