Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
info-zip vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-1000034
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
10
CVSSv2
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote malicious users to execute arbitrary code via a ZIP file containing a long pathname.
Info-zip Zip 2.3
7.5
CVSSv2
CVE-2018-13410
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows malicious users to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic ...
Info-zip Project Zip 3.0
2.6
CVSSv2
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows malicious users to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
Info-zip Unzip 5.50
Sco Openlinux Workstation 3.1.1
Sco Openlinux Server 3.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote malicious users to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Info-zip Unzip 6.10b
2.1
CVSSv2
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
Unzip Project Unzip 6.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip
4.3
CVSSv2
CVE-2018-18384
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
Unzip Project Unzip 6.0
4.3
CVSSv2
CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Unzip Project Unzip 6.0
1 Github repository
6.8
CVSSv2
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Unzip Project Unzip 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »