Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
info-zip vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2018-1000034
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
7.5
CVSSv3
CVE-2013-5659
Wiz 5.0.3 has a user mode write access violation
Info-zip Wiz 5.0.3
9.8
CVSSv3
CVE-2018-13410
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows malicious users to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic ...
Info-zip Project Zip 3.0
NA
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows malicious users to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
Info-zip Unzip 5.50
Sco Openlinux Workstation 3.1.1
Sco Openlinux Server 3.1.1
1 EDB exploit
NA
CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote malicious users to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Info-zip Unzip 6.10b
3.3
CVSSv3
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
Unzip Project Unzip 6.0
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip
5.5
CVSSv3
CVE-2018-18384
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
Unzip Project Unzip 6.0
NA
CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Unzip Project Unzip 6.0
1 Github repository
NA
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Unzip Project Unzip 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »