Download
| Alert*
oval:org.secpod.oval:def:2101171
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. oval:org.secpod.oval:def:89043924 This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of servi ... oval:org.secpod.oval:def:52614 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:602260 Two vulnerabilities have been found in unzip, a de-archiver for .zip files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7696 Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system we ... oval:org.secpod.oval:def:702816 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:89044840 This update for unzip fixes the following issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service - CVE ... oval:org.secpod.oval:def:1700552 Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service via empty bzip2 data in a ZIP archive. Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service via a large compression method value in the central direct ... |