Download
| Alert*
oval:org.secpod.oval:def:52614
unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:52623 unzip: De-archiver for .zip files Details: USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2788-1 introduced a regression in unzip. oval:org.secpod.oval:def:1900555 Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service via a largecompression method value in the central directory file header. oval:org.secpod.oval:def:108446 The unzip utility is used to list, test, or extract files from a zip archive. Zip archives are commonly found on MS-DOS systems. The zip utility, included in the zip package, creates zip archives. Zip and unzip are both compatible with archives created by PKWARE"s PKZIP for MS-DOS, but the programs" ... oval:org.secpod.oval:def:1500948 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. oval:org.secpod.oval:def:601947 A flaw was found in the test_compr_eb function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow, resulting in application crash or possibly having other unspecified impact. oval:org.secpod.oval:def:203591 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:204255 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:203572 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:501538 The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unz ... oval:org.secpod.oval:def:1500951 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. oval:org.secpod.oval:def:1200014 A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip"s "-t" option. A buffer overflow flaw was found in the way unzip computed t ... oval:org.secpod.oval:def:108399 The unzip utility is used to list, test, or extract files from a zip archive. Zip archives are commonly found on MS-DOS systems. The zip utility, included in the zip package, creates zip archives. Zip and unzip are both compatible with archives created by PKWARE"s PKZIP for MS-DOS, but the programs" ... |