10 results (0.023 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1

Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. • https://github.com/yi-ge/unzip/commit/2adbaa4891b9690853ef10216189189f5ad7dc73 https://github.com/yi-ge/unzip/pull/1 https://pkg.go.dev/vuln/GO-2020-0035 https://snyk.io/research/zip-slip-vulnerability • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip, en versiones iguales o anteriores a la 6.00, en el procesamiento de archivos protegidos por contraseña que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código. InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html https://security.gentoo.org/glsa/202003-58 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. Un desbordamiento del búfer en la región heap de la memoria en la comprobación de CRC32 en Info-ZIP UnZip versiones 6.0 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo zip diseñado en el argumento del comando -t para el comando unzip. A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. • http://www.ocert.org/advisories/ocert-2014-011.html http://www.securitytracker.com/id/1031433 https://access.redhat.com/errata/RHSA-2015:0700 https://bugzilla.redhat.com/show_bug.cgi?id=1174844 https://access.redhat.com/security/cve/CVE-2014-8139 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. Un desbordamiento del búfer en la región heap de la memoria en la función getZip64Data en Info-ZIP UnZip versiones 6.0 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo zip diseñado en el argumento del comando -t para el comando unzip. A buffer overflow flaw was found in the way unzip handled Zip64 files. A specially crafted Zip archive could possibly cause unzip to crash when the archive was uncompressed. • http://www.ocert.org/advisories/ocert-2014-011.html http://www.securitytracker.com/id/1031433 https://access.redhat.com/errata/RHSA-2015:0700 https://bugzilla.redhat.com/show_bug.cgi?id=1174856 https://access.redhat.com/security/cve/CVE-2014-8141 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. Un desbordamiento del búfer en la región heap de la memoria en la función test_compr_eb en Info-ZIP UnZip versiones 6.0 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo zip diseñado en el argumento del comando -t para el comando unzip. An integer underflow flaw, leading to a buffer overflow, was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. • http://www.ocert.org/advisories/ocert-2014-011.html http://www.securitytracker.com/id/1031433 https://access.redhat.com/errata/RHSA-2015:0700 https://bugzilla.redhat.com/show_bug.cgi?id=1174851 https://access.redhat.com/security/cve/CVE-2014-8140 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •