Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
info-zip unzip vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv2
CVE-2005-4667
Buffer overflow in UnZip 5.50 and previous versions allows user-assisted malicious users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability...
Info-zip Unzip 5.2
Info-zip Unzip 5.3
Info-zip Unzip 5.31
Info-zip Unzip 5.41
Info-zip Unzip 5.42
Info-zip Unzip 5.50
Info-zip Unzip 5.32
Info-zip Unzip 5.40
1 EDB exploit
6.2
CVSSv2
CVE-2005-0602
Unzip 5.51 and previous versions does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
Info-zip Unzip
Info-zip Unzip 5.50
2.1
CVSSv2
CVE-2001-1268
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and previous versions allows malicious users to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
Info-zip Unzip
2.1
CVSSv2
CVE-2001-1269
Info-ZIP UnZip 5.42 and previous versions allows malicious users to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
Info-zip Unzip
9.3
CVSSv2
CVE-2008-0888
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or...
Info-zip Unzip
1.2
CVSSv2
CVE-2005-2475
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
Info-zip Unzip 5.52
6.8
CVSSv2
CVE-2018-1000031
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Info-zip Unzip 6.10c22
6.8
CVSSv2
CVE-2018-1000032
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Info-zip Unzip 6.10c22
6.4
CVSSv2
CVE-2018-1000033
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
6.4
CVSSv2
CVE-2018-1000034
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »