unzip vulnerability

2008-03-20T00:00:00
ID USN-589-1
Type ubuntu
Reporter Ubuntu
Modified 2008-03-20T00:00:00

Description

Tavis Ormandy discovered that unzip did not correctly clean up pointers. If a user or automated service was tricked into processing a specially crafted ZIP archive, a remote attacker could execute arbitrary code with user privileges.