CVE-2018-18384
unzip: Buffer overflow in list.c resulting in a denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
Info-ZIP UnZip 6.0 tiene un desbordamiento de búfer en list.c, cuando un archivo ZIP tiene una relación manipulada entre el valor de tamaño comprimido y el no comprimido. Esto se debe a que el tamaño de búfer es 10 y se supone que es 12.
Rene Freingruber discovered that unzip incorrectly handled certain specially crafted password protected ZIP archives. If a user or automated system using unzip were tricked into opening a specially crafted zip file, an attacker could exploit this to cause a crash, resulting in a denial of service. Antonio Carista discovered that unzip incorrectly handled certain specially crafted ZIP archives. If a user or automated system using unzip were tricked into opening a specially crafted zip file, an attacker could exploit this to cause a crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-10-16 CVE Reserved
- 2018-10-16 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2025-08-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (6)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.suse.com/show_bug.cgi?id=1110194 | 2024-08-05 |
URL | Date | SRC |
---|---|---|
https://sourceforge.net/p/infozip/bugs/53 | 2019-12-16 |
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html | 2019-12-16 | |
https://access.redhat.com/errata/RHSA-2019:2159 | 2019-12-16 | |
https://access.redhat.com/security/cve/CVE-2018-18384 | 2019-08-06 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1642931 | 2019-08-06 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Unzip Project Search vendor "Unzip Project" | Unzip Search vendor "Unzip Project" for product "Unzip" | 6.0 Search vendor "Unzip Project" for product "Unzip" and version "6.0" | - |
Affected
|