Gentoo Linux Security Advisory 201611-1 - Multiple vulnerabilities have been found in UnZip allowing remote attackers to execute arbitrary code and cause Denial of Service. Versions less than 6.0_p20 are affected.
cdb47bf2241655b31eacd5f4ce1266f75ba97fdb8d48e93fd095debfe4fdc848Red Hat Security Advisory 2015-0700-01 - The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option.
bbf93d3ad2423c641ff52feaf0acea28238c5242e79a963abc3c9b57d08540edUbuntu Security Notice 2489-1 - Michal Zalewski discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.
0e679c8da965f25c86ac820e29fa880a3cfe75ed1f1ccf598b43444fb175f8cfDebian Linux Security Advisory 3152-1 - A flaw was found in the test_compr_eb() function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow, resulting in application crash or possibly having other unspecified impact.
d75c233bc48401a828d5d7526c6215a57788b28545653b4fca0bfe314d197148
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed