Download
| Alert*
oval:org.secpod.oval:def:108446
The unzip utility is used to list, test, or extract files from a zip archive. Zip archives are commonly found on MS-DOS systems. The zip utility, included in the zip package, creates zip archives. Zip and unzip are both compatible with archives created by PKWARE"s PKZIP for MS-DOS, but the programs" ... oval:org.secpod.oval:def:1500948 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. oval:org.secpod.oval:def:601893 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function , the test_compr_eb function and the getZip64Data function , which may lead to the exe ... oval:org.secpod.oval:def:203591 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:52377 unzip: De-archiver for .zip files unzip could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:25310 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted font file. Successful exploitation may lead to an unexpected application termination or arbitra ... oval:org.secpod.oval:def:204255 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:203572 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:702359 unzip: De-archiver for .zip files unzip could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:501538 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:1500951 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. oval:org.secpod.oval:def:1200014 A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip"s "-t" option. A buffer overflow flaw was found in the way unzip computed t ... oval:org.secpod.oval:def:108399 The unzip utility is used to list, test, or extract files from a zip archive. Zip archives are commonly found on MS-DOS systems. The zip utility, included in the zip package, creates zip archives. Zip and unzip are both compatible with archives created by PKWARE"s PKZIP for MS-DOS, but the programs" ... oval:org.secpod.oval:def:25312 The host is missing a security update according to Apple advisory, APPLE-SA-2015-06-30-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation leads to information disclosure, security bypas ... |