Lucene search
UbuntuUSN-2489-1HistoryFeb 03, 2015 - 12:00 a.m.
unzip vulnerability
2015-02-0300:00:00
ubuntu.com
30
8.1 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.259 Low
EPSS
Percentile
96.6%
Releases
- Ubuntu 14.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- unzip - De-archiver for .zip files
Details
Michal Zalewski discovered that unzip incorrectly handled certain
malformed zip archives. If a user or automated system were tricked into
processing a specially crafted zip archive, an attacker could possibly
execute arbitrary code.
References
Related
nessus
nessus
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2015:0355-1)
2015-05-20 00:00:00
Fedora 21 : unzip-6.0-18.fc21 (2015-1189)
2015-01-29 00:00:00
Ubuntu 14.04 LTS : unzip vulnerability (USN-2489-1)
2015-02-04 00:00:00
cbl_mariner
cbl_mariner
CVE-2014-9636 affecting package unzip 6.0-20
2024-03-19 17:21:46
CVE-2014-9636 affecting package unzip 6.0-20
2022-04-09 06:51:51
CVE-2014-9636 affecting package unzip 6.0-19
2020-10-08 18:09:51
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0355-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2489-1)
2022-08-26 00:00:00
Fedora Update for unzip FEDORA-2015-1189
2015-01-29 00:00:00
alpinelinux
alpinelinux
CVE-2014-9636
2015-02-06 15:59:00
cve
cve
CVE-2014-9636
2015-02-06 15:59:00
prion
prion
Out-of-bounds
2015-02-06 15:59:00
fedora
fedora
[SECURITY] Fedora 20 Update: unzip-6.0-15.fc20
2015-01-30 04:35:06
[SECURITY] Fedora 21 Update: unzip-6.0-18.fc21
2015-01-28 19:58:39
[SECURITY] Fedora 20 Update: unzip-6.0-17.fc20
2015-02-23 23:25:28
ubuntucve
ubuntucve
CVE-2014-9636
2014-12-31 00:00:00
debiancve
debiancve
CVE-2014-9636
2015-02-06 15:59:00
freebsd
freebsd
unzip -- out of boundary access issues in test_compr_eb
2014-11-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Unzip Extra Field Uncompressed Size Buffer Overflow (CVE-2014-9636)
2015-04-20 00:00:00
archlinux
archlinux
unzip: arbitrary code execution
2015-03-15 00:00:00
debian
debian
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
[SECURITY] [DLA 150-1] unzip security update
2015-02-07 13:51:00
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
securityvulns
securityvulns
[SECURITY] [DSA 3152-1] unzip security update
2015-02-11 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
suse
suse
Security update for unzip (moderate)
2018-07-07 03:08:17
Security update for unzip (moderate)
2018-10-05 21:18:21
osv
osv
unzip - security update
2015-02-07 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2015:0700) Moderate: unzip security update
2015-03-18 00:00:00
oraclelinux
oraclelinux
unzip security update
2015-03-18 00:00:00
gentoo
gentoo
UnZip: Multiple vulnerabilities
2016-11-01 00:00:00
amazon
amazon
Medium: unzip
2015-04-15 21:48:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:42
centos
centos
unzip security update
2015-03-18 18:53:06
8.1 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.259 Low
EPSS
Percentile
96.6%
Related for USN-2489-1