12 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código. InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities. • https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código. InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities. • https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html • CWE-787: Out-of-bounds Write •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. Existe una lectura fuera de límites en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) y lea memoria sensible. InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities. • http://www.securityfocus.com/bid/103111 https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html • CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. Existe una lectura fuera de límites en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) y lea memoria sensible. InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities. • http://www.securityfocus.com/bid/103031 https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0

Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. Desbordamiento de buffer en la función charset_to_intern en unix/unix.c en Info-Zip UnZip 6.10b permite a atacantes remotos ejecutar código arbitrario a través de una cadena manipulada, tal y como fue demostrado mediante la conversión de una cadena de CP866 a UTF-8. • http://www.conostix.com/pub/adv/CVE-2015-1315-Info-ZIP-unzip-Out-of-bounds_Write.txt http://www.openwall.com/lists/oss-security/2015/02/17/4 http://www.ubuntu.com/usn/USN-2502-1 https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/580961/comments/120 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •