Download
| Alert*
oval:org.secpod.oval:def:2101177
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. oval:org.secpod.oval:def:89043924 This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of servi ... oval:org.secpod.oval:def:52614 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:602260 Two vulnerabilities have been found in unzip, a de-archiver for .zip files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7696 Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system we ... oval:org.secpod.oval:def:702816 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89044840 This update for unzip fixes the following issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service - CVE ... |